BlackBerry Forums Support Community               

Closed Thread
 
LinkBack Thread Tools
Old 07-06-2005, 05:55 PM   #1 (permalink)
BlackBerry Extraordinaire
 
Soapm's Avatar
 
Join Date: Apr 2005
Location: The Mile Hi City
Model: 9780
OS: 6.0
Carrier: TMO
Posts: 2,790
Post Thanks: 3
Thanked 4 Times in 4 Posts
Default My company won't leave me alone

Please Login to Remove!

I just got my BB running just the way I want it. I have everything except wireless syncing of contacts cuz we still have BES 3.6. I've got the filters set just right, level 1 alerts just right and finally got every rule I can imagine set in outloook, you guessed it, just right. Life is GREAT.

I just got a call from IT, the company has now concluded that a personal BB on the company email is a security risk and they will all soon be turned off. I asked how can a personal BB be anymore a security risk than a company paid one especially since MDS (internet) is shut off on the BES. They had no answer except their management concluded that personal BB's are a security risk.

How can these guys make my life any omre miserable? I know some of you guys work in IT, I ask, please consider the impact of the end user before making changes, try and let them know in advance.
Offline  
Old 07-06-2005, 06:10 PM   #2 (permalink)
CrackBerry Addict
 
ladydi's Avatar
 
Join Date: Jun 2005
Location: Washington
Model: 8800
Carrier: T-mobile
Posts: 848
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

I work in IT and I too have been burned by these sorts of policies. They don't usually come from the unfortunate soul who had to call and give you the bad news, but from managers whose attention somehow got drawn in the direction of wireless devices. A managers' job is to write policy and if there is no policy to write, then they have no job.

Realistically, IT doesn't want to support personal devices. It becomes a very time consuming headache and frustrating for the user when the device doesn't work and IT has no power to replace it.

The security risk is that if company info gets out because you left your personal device lying around, it's the company's fault for not forbidding it. If the info gets out because you left a company device lying about, they can fire you or hold you financially responsible for it. At least that is the way it is in municiple gov in WA.
__________________
~Di~
Windows 2003
Exchange 2003
BES 4.1
Offline  
Old 07-06-2005, 06:12 PM   #3 (permalink)
CrackBerry Addict
 
T-Roy's Avatar
 
Join Date: Jan 2005
Model: 8800
Carrier: Darth Vader
Posts: 704
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

All BlackBerry models meet the strict security requirements of ...other BlackBerries... so your IT dept. sounds uneducated. Infact I would recommend not using a personal BlackBerry if your company provides you with one only because they can apply IT Policies to your handheld that you cannot remove.
Offline  
Old 07-06-2005, 06:12 PM   #4 (permalink)
Thumbs Must Hurt
 
Join Date: Dec 2004
Model: 8700C
Carrier: Cingular
Posts: 54
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

I think it generally has more to do with getting the data OFF the personal Blackberry if you leave the company--and the mess of supporting personal equipment. Unfortunately, not all users are self-sufficient with their own devices.

Your company still has to pay for the BES CAL--if you have a business need for a Blackberry, make them pay for it. If you don't have a need--why make the company pay for the CAL or deal with the mess of getting it off your personal equipment when you leave the company?

Last edited by MarvinK : 07-06-2005 at 06:16 PM.
Offline  
Old 07-06-2005, 08:13 PM   #5 (permalink)
BlackBerry Extraordinaire
 
Soapm's Avatar
 
Join Date: Apr 2005
Location: The Mile Hi City
Model: 9780
OS: 6.0
Carrier: TMO
Posts: 2,790
Post Thanks: 3
Thanked 4 Times in 4 Posts
Default

Recently the company gave us the choice of using our own BB and they reimberse for the data plan or we could get the company BB which comes without the phone enabled. Since I had my own I chose to use it to keep from carrying more than one device. This was the sole reason i bought this BB, was to keep from carrying more than one device (pager and phone) and to keep from having to log on the old laptop to see if anything urgent was in my mail.

i do see the point about company data though I don't really "store" anything on the BB since it has only 32 megs of memory. We used to be able to log into the company from my personal home puter but they shut that off also. I guess times are changing and security is now the hot word of the day...
Offline  
Old 07-06-2005, 08:41 PM   #6 (permalink)
BlackBerry God
 
jibi's Avatar
 
Join Date: Oct 2004
Location: Jibi's Secret Place
Model: 8900
OS: 4.6.1.174
Carrier: AT&T
Posts: 11,310
Post Thanks: 0
Thanked 1 Time in 1 Post
Default

Welcome to the world of Sarbanes-Oxley...

I think the point about termination/separation is the only real security risk. They can push down policy one way or the other. I know you've been contacting your administrators lately (atleast I gather that), so that may be another issue that has caused the new policy.

If they gave you the option in the first place, then I'd try and push that. Or, at the very least, get reimbursed for your handheld (if you can), assuming that you had to pay out of pocket.
__________________
In the beginning the Universe was created. This has made a lot of people very angry and is widely regarded as a bad move.
Offline  
Old 07-06-2005, 08:54 PM   #7 (permalink)
Thumbs Must Hurt
 
Rancor's Avatar
 
Join Date: Jun 2005
Location: Dathomir
Model: 7730
Carrier: Zefr
Posts: 171
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by T-Roy
All BlackBerry models meet the strict security requirements of ...other BlackBerries... so your IT dept. sounds uneducated. Infact I would recommend not using a personal BlackBerry if your company provides you with one only because they can apply IT Policies to your handheld that you cannot remove.
Strict security requirements can also include restricting the ability to send sensitive information outside the company walls.
Personal Blackberry’s are something that allows unregulated communications and can be considered a security risk.
Yes, so too do mobile phones, they are also just as risky.
In some cases the Outbox for snail mail can be a huge risk too.
An employee can simply place a document in an envelope and send it outside if mail is not closely monitored.

My guess this is one of the reasons you do not find cameras on the Blackberry's, imagine that. Click, send, Top secret exposed.
Blackberry's would be banned everywhere.
eg. Many car manufacturers will not even allow mobile phones with cameras into their factories for that reason.

So before you send your mind below the belt, measuring the tightness of your IT departments anus, think about the type of information your company might be protecting and respect their right to protect it.

Of course some IT managers are just plain Tight Arses!
__________________
!
Offline  
Old 07-06-2005, 10:00 PM   #8 (permalink)
BlackBerry Extraordinaire
 
Soapm's Avatar
 
Join Date: Apr 2005
Location: The Mile Hi City
Model: 9780
OS: 6.0
Carrier: TMO
Posts: 2,790
Post Thanks: 3
Thanked 4 Times in 4 Posts
Default

Quote:
Originally Posted by jibi
Welcome to the world of Sarbanes-Oxley...

I know you've been contacting your administrators lately (atleast I gather that), so that may be another issue that has caused the new policy.
I think you hit the nail on the head. I think my ticket opening days have ended and hopefully they will forget I exist...
Offline  
Old 07-07-2005, 08:23 AM   #9 (permalink)
Talking BlackBerry Encyclopedia
 
Join Date: May 2005
Location: Baltimore, MD
Model: Pearl
Carrier: T-Mobile
Posts: 210
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Guys who have corporate devices generally have to sign various forms agreeing to how the device will be used, handled, etc and what may/may not happen in the event of loss. Legally, I'd have a very difficult time enforcing my strict policy on a device not owned by the company.

In companies where only "mission critical" guys get BBs, I've seen instances where some employees wanted Blackberries anyway, bought them out-of-pocket and were allowed to activate on the BES. When these BBs were lost w/ no insurance, the employees expected the company to buy them new ones. Though, the same could be said for employees who use personal laptops on the corporate hotspot.

Being that I'm the guy who writes IT policy for my company, I'd have to side w/ the company on this one. If we didn't buy it, I wouldn't want it on our network. Too much potential for headaches.
__________________
Jay™

Nextel 7520 | BES 4.0 | HS810 Headset
PIN: 400809E0

"a One that isn't cold is scarcely a One at all"
Offline  
Old 07-07-2005, 08:51 AM   #10 (permalink)
BBF Veteran User
 
Join Date: Aug 2004
Location: Hotwiring another Cessna
Model: OU812
Carrier: Nintendo
Posts: 3,492
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

We're the same way...

We've had this discussion before though, and the bottom line is if you're going to put your BB on your company's BES, then you must adhere to thier security policies.

If you're going to use a company BB, then don't expect to be able to play with it like your personal BB.

Those policies are there for a reason. Even if you don't see the reason, someone else does.

They might deny MDS access globally because they pay a per/Kb usage charge and don't want users running up charges with instant messenger apps or browsing the internet.

They might not want users setting up their personal email because it could violate the integrity of the company if personal/business emails get mixed up and inadvertently sent out.
Offline  
Old 07-08-2005, 11:15 AM   #11 (permalink)
New Member
 
Join Date: Jul 2005
Model: 8703e
Carrier: Verizon
Posts: 1
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

I have a sneaky suspicion that I know exactly who Soapm works for and all I can say is build a bridge and get over it. I manage the BES servers for the company and corporate information on a personal device is in direct violation of the MSB. If you think you know better how security should be run and the policies they have to answer for should be enforced, then apply for a position.

We push corporate policy to the handhelds and the personal users are the first to complain even though you had to agree to all terms prior to being allowed on the BES. Not to mention the thousands of users we have to manage for BB’s alone and pay for the CAL’s out of our expense budget.

If you have legitimate business justification for a BB then request one from your management. If not, keep crossing that bridge boss.
Offline  
Old 07-08-2005, 11:18 AM   #12 (permalink)
BBF Veteran User
 
Join Date: Aug 2004
Location: Hotwiring another Cessna
Model: OU812
Carrier: Nintendo
Posts: 3,492
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

touche...
Offline  
Old 07-08-2005, 12:09 PM   #13 (permalink)
CrackBerry Addict
 
dkmadrid's Avatar
 
Join Date: Feb 2005
Location: Pueblo, CO
Model: 9530
Carrier: Verizon
Posts: 712
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Well put...
__________________
Now you can call me STORMin' Norman, except my name isn't Norman.
Offline  
Old 07-08-2005, 06:04 PM   #14 (permalink)
Talking BlackBerry Encyclopedia
 
jscully's Avatar
 
Join Date: Dec 2004
Location: Toronto, Ontario
Model: 9530
OS: 5.0.0.419
PIN: 3066853A
Carrier: Bell Mobility
Posts: 329
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

My 2 cents....
the strength of a BES really is to wirelessly sync contacts, and run some crazy MDS programs....
write it off as a loss, you're not using the BES to sync anyway!
Remove yourself from the BES, and in your regular e-mail (Outlook), run a rule to foward a copy of all e-mail to your blackberry, and no-one will be any the wiser.
for the crazy MDS programs, look to the other solutions (mailstreet) etc.
lates,
scully
Offline  
Old 07-08-2005, 08:48 PM   #15 (permalink)
BlackBerry Extraordinaire
 
Soapm's Avatar
 
Join Date: Apr 2005
Location: The Mile Hi City
Model: 9780
OS: 6.0
Carrier: TMO
Posts: 2,790
Post Thanks: 3
Thanked 4 Times in 4 Posts
Default

Quote:
Originally Posted by aspen_leaf
I have a sneaky suspicion that I know exactly who Soapm works for and all I can say is build a bridge and get over it. I manage the BES servers for the company and corporate information on a personal device is in direct violation of the MSB...

If you have legitimate business justification for a BB then request one from your management. If not, keep crossing that bridge boss.
This is exactly what I mean, I can't even vent my frustrations to a group of virtual friends without the company finding me and making me feel small. Sometimes I feel like I'm going to wake up and realize this was all a dream. Well I got other things to cry about now, the wife just found out her cancer is back and terminal. Really sucks to be me these days but i'll keep crossing my bridge...

Thanks
Offline  
Old 07-08-2005, 09:09 PM   #16 (permalink)
Thumbs Must Hurt
 
SDCromer's Avatar
 
Join Date: May 2005
Location: Upstate South Carolina
Model: 9650
OS: v6.0.0.43
Carrier: Verizon
Posts: 148
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by jibi
Welcome to the world of Sarbanes-Oxley...
SOX has made my life much less convenient. I am part of our company's 25 user Blackberry pilot program. We just got BES up and running and life was good. Then all of a sudden I have to enter a 7 character password and I have a timeout of just 15 minutes. Do you know what a pain in the a$$ it is to enter 7 charachters and then hit the enter key just to make a phone call? I have seriously considered boxing up the Blackberry and sending it back.
__________________
9650 on Verizon
Offline  
Old 07-26-2005, 02:29 PM   #17 (permalink)
New Member
 
Join Date: Jun 2005
Model: 7100T
Posts: 7
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by aspen_leaf
I have a sneaky suspicion that I know exactly who Soapm works for and all I can say is build a bridge and get over it. I manage the BES servers for the company and corporate information on a personal device is in direct violation of the MSB. If you think you know better how security should be run and the policies they have to answer for should be enforced, then apply for a position.

We push corporate policy to the handhelds and the personal users are the first to complain even though you had to agree to all terms prior to being allowed on the BES. Not to mention the thousands of users we have to manage for BB’s alone and pay for the CAL’s out of our expense budget.

If you have legitimate business justification for a BB then request one from your management. If not, keep crossing that bridge boss.
I agree. I am in the same type of role at another large company. It's not just security policy. There are many issues with personally owned blackberry devices:

1. Corporate data residing on a personal device: This is both a security and legal risk. There are controls to minimize these risks but it adds layers of complexity to centrally managing the program. Sarbanes Oxley makes this even more complicated. It is much more ideal for the device to be a corporate asset vs. a personal asset.

2. Personal blackberry connecting to corporate email system via BES vs. desktop email redirector: One is "secure" while the other is not. Most personal users try to setup a desktop redirector that is not secure or encrypted. And do you really want your sensitive corporate email being forwarded through some third party service provider in an unencrypted format?

3. Licensing: CALs are not free. Additional budget considerations need to be made for personal devices connecting to the BES.

4. Scalability Each BES can only scale to around 2,000 users. Servers are not free and neither is the data center and associated support costs. The cost of adding additional servers can be prohibitive to any corporate blackberry program. And just like the CAL's, there is no way to recover these infrastructure costs internally from personal users.

5. Support There are limited support resources as it is for corporate devices which are usually the same model and code version. Now add personal devices and all those variables to the mix. It adds complexity and costs that cannot be recovered.

These are just some of the reasons why many companies do not allow personal blackberry devices.
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On





Copyright © 2004-2014 BlackBerryForums.com.
The names RIM © and BlackBerry © are registered Trademarks of BlackBerry Inc.