BlackBerry Forums Support Community               

Closed Thread
 
LinkBack Thread Tools
Old 05-04-2005, 04:23 PM   #1 (permalink)
Thumbs Must Hurt
 
djbeenie's Avatar
 
Join Date: Feb 2005
Location: Jefferson Ga.
Model: 8900
PIN: 20F7C0E8
Carrier: TMO
Posts: 151
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default Anyone know a link to some good IT policy information?

Please Login to Remove!

Thanks!
__________________
Pin: 20F7C0E8
TMO 8900 - Exchange 2007 SP1 - BES 4.1.6
Offline  
Old 05-04-2005, 08:59 PM   #2 (permalink)
Talking BlackBerry Encyclopedia
 
Join Date: Feb 2005
Model: 7280
Carrier: cingular, no wait, AT&T
Posts: 300
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

What do you mean? Best practices, how to do it, what?
Offline  
Old 05-04-2005, 09:55 PM   #3 (permalink)
BlackBerry God
 
jibi's Avatar
 
Join Date: Oct 2004
Location: Jibi's Secret Place
Model: 8900
OS: 4.6.1.174
Carrier: AT&T
Posts: 11,310
Post Thanks: 0
Thanked 1 Time in 1 Post
Default

you could read the administration PDF. it pretty much goes into detail what each option does and doesn't do.
__________________
In the beginning the Universe was created. This has made a lot of people very angry and is widely regarded as a bad move.
Offline  
Old 05-05-2005, 07:03 AM   #4 (permalink)
Thumbs Must Hurt
 
djbeenie's Avatar
 
Join Date: Feb 2005
Location: Jefferson Ga.
Model: 8900
PIN: 20F7C0E8
Carrier: TMO
Posts: 151
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Yeah best practices. Sorry I wasn't clear.
__________________
Pin: 20F7C0E8
TMO 8900 - Exchange 2007 SP1 - BES 4.1.6
Offline  
Old 05-05-2005, 11:44 AM   #5 (permalink)
Talking BlackBerry Encyclopedia
 
Join Date: Feb 2005
Model: 7280
Carrier: cingular, no wait, AT&T
Posts: 300
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by djbeenie
Yeah best practices. Sorry I wasn't clear.
Best practices... well, forcing passwords is a good idea. Preventing 3rd party apps from being loaded will prevent unnecessary junk from getting installed by your end-users (but, oh, they will complain... THEY WILL COMPLAIN!).
Anyhow, after that, you have to figure out what you want. The IT Policy is quite detailed...
I can't make the decisions for you, so you need to know what you want the users able to do, and unable to do. SMS text messages? Phone calls? Do either of those have an impact on the bottom line?
Offline  
Old 05-05-2005, 01:47 PM   #6 (permalink)
Talking BlackBerry Encyclopedia
 
PhilMax's Avatar
 
Join Date: Mar 2005
Location: McKinney, Texas
Model: 7100g
Posts: 236
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

The admin guide has "Sample IT Policies" at the end of Appendix A
__________________
Me? 7130C/BES

Who says they can't teach an 'old dog' new tricks!
Offline  
Old 05-05-2005, 03:03 PM   #7 (permalink)
BlackBerry God
 
jibi's Avatar
 
Join Date: Oct 2004
Location: Jibi's Secret Place
Model: 8900
OS: 4.6.1.174
Carrier: AT&T
Posts: 11,310
Post Thanks: 0
Thanked 1 Time in 1 Post
Default

Not to mention that a 'best practices' should likely be applied using your current security policy as a guide. Just my two cents.
__________________
In the beginning the Universe was created. This has made a lot of people very angry and is widely regarded as a bad move.
Offline  
Old 05-05-2005, 03:16 PM   #8 (permalink)
Thumbs Must Hurt
 
djbeenie's Avatar
 
Join Date: Feb 2005
Location: Jefferson Ga.
Model: 8900
PIN: 20F7C0E8
Carrier: TMO
Posts: 151
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by DoomBringer
Best practices... well, forcing passwords is a good idea. Preventing 3rd party apps from being loaded will prevent unnecessary junk from getting installed by your end-users (but, oh, they will complain... THEY WILL COMPLAIN!).
Anyhow, after that, you have to figure out what you want. The IT Policy is quite detailed...
I can't make the decisions for you, so you need to know what you want the users able to do, and unable to do. SMS text messages? Phone calls? Do either of those have an impact on the bottom line?
Well I was looking at the IT Policy, only thing I really see valuable is the passwords and restricting 3rd party apps. But hey they bought their own BB's, so what gives me the right to lock down any of them. lol

Cool guys, thanks for the info.

Regards,
Bryan
__________________
Pin: 20F7C0E8
TMO 8900 - Exchange 2007 SP1 - BES 4.1.6
Offline  
Old 05-05-2005, 03:33 PM   #9 (permalink)
BlackBerry God
 
jibi's Avatar
 
Join Date: Oct 2004
Location: Jibi's Secret Place
Model: 8900
OS: 4.6.1.174
Carrier: AT&T
Posts: 11,310
Post Thanks: 0
Thanked 1 Time in 1 Post
Default

Quote:
Originally Posted by djbeenie
But hey they bought their own BB's, so what gives me the right to lock down any of them.
c'mon now bryan. you're an admin, so you're supposed to have a powertrip from time to time. but to answer that question, despite them having their own purchased handhelds, they still are on your network and still present a potential security risk by being open. i'm not sure where you're working now, but at your previous job, i can guarantee that they would agree with me.
__________________
In the beginning the Universe was created. This has made a lot of people very angry and is widely regarded as a bad move.
Offline  
Old 05-05-2005, 03:56 PM   #10 (permalink)
Talking BlackBerry Encyclopedia
 
PhilMax's Avatar
 
Join Date: Mar 2005
Location: McKinney, Texas
Model: 7100g
Posts: 236
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Not specific to BBs, but to PDAs in general, go here:

http://www.rimroad.com/articles/2005...rity-Part.html
__________________
Me? 7130C/BES

Who says they can't teach an 'old dog' new tricks!
Offline  
Old 05-05-2005, 10:11 PM   #11 (permalink)
jdh
Thumbs Must Hurt
 
Join Date: Mar 2005
Location: Toronto
Model: 8700
Carrier: Rogers
Posts: 121
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by djbeenie
But hey they bought their own BB's, so what gives me the right to lock down any of them.
Well, the usual logic is that if they want to connect their device to your network, they have to abide by your policies... As a consultant, I find more and more of my clients implementing "Foreign Equipment Policies" which my own personal notebook has to conform to before I'm allowed to plug it into a piece of their Ethernet cable.

In the case of a Blackberry, there are two important factors... Firstly, it contains corporate e-mail, which in most organizations is easily deemed to be the property of the corporation. Secondly, if you have MDS enabled, the MDS Browser can access any web services inside your firewall, which makes the devices an even further security risk.
Offline  
Old 05-06-2005, 09:46 AM   #12 (permalink)
Thumbs Must Hurt
 
djbeenie's Avatar
 
Join Date: Feb 2005
Location: Jefferson Ga.
Model: 8900
PIN: 20F7C0E8
Carrier: TMO
Posts: 151
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by jdh
Well, the usual logic is that if they want to connect their device to your network, they have to abide by your policies... As a consultant, I find more and more of my clients implementing "Foreign Equipment Policies" which my own personal notebook has to conform to before I'm allowed to plug it into a piece of their Ethernet cable.

In the case of a Blackberry, there are two important factors... Firstly, it contains corporate e-mail, which in most organizations is easily deemed to be the property of the corporation. Secondly, if you have MDS enabled, the MDS Browser can access any web services inside your firewall, which makes the devices an even further security risk.

Good point! I didnt realize all the factors that could be at risk. Thank you for the pointers. Forgive me I am still learning as I go.

Quote:
c'mon now bryan. you're an admin, so you're supposed to have a powertrip from time to time. but to answer that question, despite them having their own purchased handhelds, they still are on your network and still present a potential security risk by being open. i'm not sure where you're working now, but at your previous job, i can guarantee that they would agree with me.
HAHA I know, Got to understand this company. This whole company is spoiled rotten, they get what they want. HAHA But that is no excuse. Thank you for the advice. I will be pushing out policys now. Thank you!

Regards,
Bryan
__________________
Pin: 20F7C0E8
TMO 8900 - Exchange 2007 SP1 - BES 4.1.6
Offline  
Old 05-06-2005, 10:08 AM   #13 (permalink)
Thumbs Must Hurt
 
djbeenie's Avatar
 
Join Date: Feb 2005
Location: Jefferson Ga.
Model: 8900
PIN: 20F7C0E8
Carrier: TMO
Posts: 151
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Well another thing, MDS is connected directly to the internet, not to any internal sites other than the exchange.
__________________
Pin: 20F7C0E8
TMO 8900 - Exchange 2007 SP1 - BES 4.1.6
Offline  
Old 05-06-2005, 12:09 PM   #14 (permalink)
Talking BlackBerry Encyclopedia
 
Join Date: Feb 2005
Model: 7280
Carrier: cingular, no wait, AT&T
Posts: 300
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by djbeenie
Well another thing, MDS is connected directly to the internet, not to any internal sites other than the exchange.
If MDS is on the corporate LAN, then it can access any of the intranet sites. Try it. You should be able to resolve any internal sites from the BB that has MDS enabled.
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On





Copyright 2004-2014 BlackBerryForums.com.
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.