BlackBerry Forums Support Community               

Old 01-20-2011, 06:07 AM   #1 (permalink)
New Member
 
Join Date: Jan 2006
Location: Parsippany, NJ
Model: 8700c
PIN: 203D93F4
Carrier: AT&T
Posts: 8
Post Thanks: 0
Thanked 0 Times in 0 Posts
Best Security Practices for a Bank Holding Company

I work at a bank holding company, so we have many users with very sensitive data on their BlackBerry. I am wondering what would be the best policies and restrictions to implement in order to make sure all the data is secure on the BB especially if it is lost. These are our current security policies in place. We are running BES 5.0.

Password
Password Pattern Checks - No Restrictions
Maximum Password Age - 90 Days
Maximum Security Timeout - 15 Minutes
Minimum Password Length - 6
Password Required - Yes
Maximum Password History - 4
Suppress Password Echo - Yes
Maximum Password Attempts - 8
Password Timeout - 15 Minutes

Security
Disallow Third Party Applications Downloads - No
Old 01-20-2011, 06:55 AM   #2 (permalink)
Appleinator
 
Join Date: Nov 2005
Location: New Hampshire
Model: App5
OS: AJBR549
PIN: Ask
Carrier: ATT & Verizon
Posts: 20,034
Post Thanks: 54
Thanked 782 Times in 742 Posts
Re: Best Security Practices for a Bank Holding Company

Moved to the BES Admin section - probably a better spot for your question.
Old 01-20-2011, 09:05 AM   #3 (permalink)
BlackBerry Elite
 
Join Date: Jan 2008
Location: Massachusetts
Model: Z30
OS: 10.2.1
PIN: t of blood has been taken
Carrier: AT&T-US with I dee ten tee errors
Posts: 6,726
Post Thanks: 272
Thanked 290 Times in 274 Posts
Re: Best Security Practices for a Bank Holding Company

Quote:
Originally Posted by KapsBB View Post
I work at a bank holding company, so we have many users with very sensitive data on their BlackBerry. I am wondering what would be the best policies and restrictions to implement in order to make sure all the data is secure on the BB especially if it is lost. These are our current security policies in place. We are running BES 5.0.

Password
Password Pattern Checks - Set it so no simple pass like 1234 or qwer can be used.
Maximum Password Age - 30 Days
Maximum Security Timeout - 15 Minutes
Minimum Password Length - 6
Password Required - Yes
Maximum Password History - 4
Suppress Password Echo - Yes
Maximum Password Attempts - 8
Password Timeout - 15 Minutes

Security
Disallow Third Party Applications Downloads - yes

Just how sensitive is it?

Also might want to make sure they can't forward an email to another account as well.

Maybe even disable BBM or at least set a peer to peer encryption key so only BES users to BES users can BBM.
__________________
irony : many old timer posters have de-evolved into the trolls they once fought
I am on http://supportforums.blackberry.com
BES 10 running sweet for my Passport, Z30, Z10 and Q10
Old 01-20-2011, 09:40 AM   #4 (permalink)
New Member
 
Join Date: Jan 2006
Location: Parsippany, NJ
Model: 8700c
PIN: 203D93F4
Carrier: AT&T
Posts: 8
Post Thanks: 0
Thanked 0 Times in 0 Posts
Re: Best Security Practices for a Bank Holding Company

Quote:
Originally Posted by knottyrope View Post
Just how sensitive is it?

Also might want to make sure they can't forward an email to another account as well.

Maybe even disable BBM or at least set a peer to peer encryption key so only BES users to BES users can BBM.

Everything is regulated by the Federal Reserve. So it is mostly just making sure there are no incidents so we don't get fined.

I don't think it is necessary to disable forwarding as we can forward in Outlook. It seems to be more about making sure non-employees can't get any information from the device. Not stopping people from communicating with others in the company.

Although there are some groups that must keep all data in case there are legal issues. They aren't even allowed to use BBM.
Old 01-20-2011, 10:22 AM   #5 (permalink)
Wireless Sith Lord
 
Join Date: Jan 2007
Location: Online
Model: iOS 6
Carrier: Verizon x2
Posts: 1,458
Post Thanks: 2
Thanked 27 Times in 22 Posts
Re: Best Security Practices for a Bank Holding Company

Password
Password Pattern Checks - No Restrictions
Maximum Password Age - 90 Days
Maximum Security Timeout - 15 Minutes
With sensitive data, you may want to change that to less; like 5 minutes of inactivity.
Minimum Password Length - 6
Password Required - Yes
Maximum Password History - 4
Suppress Password Echo - Yes
This is debatable. If your user can't remember the password, perhaps actually seeing it on the screen will help. (I've had users say they set the password to 1234567654321 when in actuality it is "wersdfzfdsrew". They were looking at the numbers but not using the ALT key.)
Maximum Password Attempts - 8
If the end user can't remember their password after 6 attempts, they sure as heck ain't gonna get it at 8. My policy is set to 6.
Password Timeout - 15 Minutes

I also recommend that you put a Forbidden Password policy in place. 911 is a no-no in my environment. If you happen to have 911 in part of your password, your device may call 911 Emergency.

Security
Disallow Third Party Applications Downloads - No
You may be opening up for some strange 3rd party apps on devices. I've seen some really bizarre things make an OS go "POOF."

You may want to add:
User Can Change Timeout: No
Content Protection Strength: Strong
External File System Encryption Level: Encrypt to User Password (including multi-media directories)

Some type of password/encryption requirement for Bluetooth if allowed. Otherwise, disable it completely.
Same goes for Smart Card Readers.

__________________
DarthBBerry
6-Time BlackBerry World Champion (2007-2012)
BlackBerry® Certified Support Specialist v5.0
BlackBerry® Certified System Administrator v5.0
Old 01-20-2011, 11:37 AM   #6 (permalink)
New Member
 
Join Date: Jan 2006
Location: Parsippany, NJ
Model: 8700c
PIN: 203D93F4
Carrier: AT&T
Posts: 8
Post Thanks: 0
Thanked 0 Times in 0 Posts
Re: Best Security Practices for a Bank Holding Company

Quote:
Originally Posted by DarthBBerry View Post
Password
Password Pattern Checks - No Restrictions
Maximum Password Age - 90 Days
Maximum Security Timeout - 15 Minutes
With sensitive data, you may want to change that to less; like 5 minutes of inactivity.
Minimum Password Length - 6
Password Required - Yes
Maximum Password History - 4
Suppress Password Echo - Yes
This is debatable. If your user can't remember the password, perhaps actually seeing it on the screen will help. (I've had users say they set the password to 1234567654321 when in actuality it is "wersdfzfdsrew". They were looking at the numbers but not using the ALT key.)
Maximum Password Attempts - 8
If the end user can't remember their password after 6 attempts, they sure as heck ain't gonna get it at 8. My policy is set to 6.
Password Timeout - 15 Minutes

I also recommend that you put a Forbidden Password policy in place. 911 is a no-no in my environment. If you happen to have 911 in part of your password, your device may call 911 Emergency.

Security
Disallow Third Party Applications Downloads - No
You may be opening up for some strange 3rd party apps on devices. I've seen some really bizarre things make an OS go "POOF."

You may want to add:
User Can Change Timeout: No
Content Protection Strength: Strong
External File System Encryption Level: Encrypt to User Password (including multi-media directories)

Some type of password/encryption requirement for Bluetooth if allowed. Otherwise, disable it completely.
Same goes for Smart Card Readers.

Thanks! That is some good information.
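
The settings discussed in this thread, turned into an audit check. This is an added example, not part of the original posts and not BlackBerry tooling: it parses a policy listing in the `Name - Value` layout used in the first post and flags anything looser than what the replies suggest. The function names, the `BASELINE` table and the sample listing are assumptions made for illustration.

```python
import re

# Constructed sample in the first post's "Name - Value" layout.
SAMPLE_POLICY = """\
Password Pattern Checks - No Restrictions
Maximum Security Timeout - 15 Minutes
Password Required - Yes
Maximum Password Attempts - 8
Disallow Third Party Applications Downloads - No
"""

# Baseline built from the replies in this thread (an assumption, not an official
# BlackBerry baseline). max: numeric ceiling; eq: must equal; ne: must differ.
BASELINE = {
    "Password Pattern Checks": ("ne", "no restrictions"),
    "Maximum Security Timeout": ("max", 5),
    "Maximum Password Attempts": ("max", 6),
    "Password Required": ("eq", "yes"),
    "Disallow Third Party Applications Downloads": ("eq", "yes"),
    "User Can Change Timeout": ("eq", "no"),
    "Content Protection Strength": ("eq", "strong"),
}

def parse_policy(text):
    """Parse 'Name - Value' or 'Name: Value' lines into {name: value}."""
    policy = {}
    for line in text.splitlines():
        if m := re.match(r"^\s*(.+?)\s*(?: - |:)\s*(.+?)\s*$", line):
            policy[m.group(1)] = m.group(2)
    return policy

def audit(policy):
    """Return sorted (setting, problem) pairs; a missing setting is a finding."""
    findings = []
    for name, (op, want) in BASELINE.items():
        have = policy.get(name)
        if have is None:
            findings.append((name, "not set"))
        elif op == "max":
            num = re.match(r"\d+", have)  # leading number, e.g. "15 Minutes"
            if not num or int(num.group()) > want:
                findings.append((name, f"is {have}, limit {want}"))
        elif op == "eq" and have.lower() != want:
            findings.append((name, f"is {have}, expected {want}"))
        elif op == "ne" and have.lower() == want:
            findings.append((name, f"is {have}"))
    return sorted(findings)

if __name__ == "__main__":
    print(*audit(parse_policy(SAMPLE_POLICY)), sep="\n")
```

Settings absent from the listing are reported as "not set", so the additions suggested in the replies (User Can Change Timeout, Content Protection Strength) show up as gaps rather than passing silently.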
Copyright © 2004-2014 BlackBerryForums.com.
The names RIM © and BlackBerry © are registered Trademarks of BlackBerry Inc.