Blackberry Security Software
I bought a Blackberry 8703e for myself through my company as Verizon had a 17% discount on the monthly plan and the phone was free for employees of my company. I used it for a few months and it was great. After suing the phone a couple of months my company offered to add my work e-mail to my phone.
Little did I realize the security changes that would be made. I no longer can send text messages. I cannot send outgoing emails except from my work email address. I cannot add any other email accounts to receive email from my personal email accounts. I have to enter a password to read my email if the phone is inactive for 30 minutes. The password has to be so complicated that you pretty much cannot enter it while driving, so I cannot read my new emails while driving.
I was hoping someone knew a way to override or deactivate these security changes?
As long as you are connected to the corporate BES, you can not get rid of the security IT Policy....
Nor should you want to.
I am constantly amazed how willing people are to install software on their bb's without a clue of what it might be doing.
For example, how many times do you see an offer for a "free trial of application x"? Dozens of people jump on it and install it.
Now what if that software were really reflecting your emails to a third party? What if they employ keystroke logging and forwarding? What if they are really just SPAM engines?
Even something as trivial as a spell checker is sending the contents of your messages to a third party server. You may trust Google, or netenza, but that's your choice. (and yes, I have removed the spell checker I got working yesterday as a test).
None of these issues have bitten this community yet. And I say "yet" with a hunch that it won't be "ever".
The information on our bb's is extremely valuable to us. Considering some of the people you see carrying them - from military to political to cxo's - I'm sure it is extremely valuable to someone else. It won't take a lot of skill to read it.
Just a thought from a security perspective.
For the information. I guess I do not have a good enough understanding of the security risks involved.
I do not want to install any software. I was hoping to be able to text my wife when I am stuck in a meeting or running late. Or text a co-worker when we are meeting out of the office. We all don't have Blackberrys.
Also I currently receive incoming emails from two accounts other than my work email. These were setup prior to being added to the company BES. So why shouldn't I be able to add my gmail account or any other incoming email account? What is the risk?
What is the risk from being able to send outgoing email from other accounts, such as my Blackberry assigned email account that I got when I bought the device?
These are all things I don't quite understand or have enough knowledge of, but thank for your info.
At the end of the day BB has a WIDE range of policies that enable your IT department to lock down the device (as you've found). Often these make sense as they allow the IT dept to control the usage of the device - sometimes you've got a control freak dropping in policies cos' they can.
It all comes down to 3 things: -
1) Size of company - the larger, the tighter the policy (IMHO)
2) Need for external regulatory compliance - sabennes oxley et al
3) Cost Control..
Out of your list of 'issues' I'd say the text messaging thing is a little lame as it's a great device for texting..plus with the logging on 4.1.2 you can log every text message sent (and content thereof). The email thing might be there to ensure regulatory compliance...whilst you might not want to text commercial stuff to a 3rd party via your prosumer account, other people might...
Have you tried asking your admin nicely over lunch or a beer - you might even find theres different policies in place for different user groups - and so you could get added to a less restrictive IT policy group?
Why no personal email? Hmm, that's a good one. My guess is it's one or more of the following:
-- I can forward BES based company email out through a BIS server, thereby completely avoiding any company record of me sending an internal document outside of the company. I can do this with my PC as well, so I'm not really convinced of this one. Data leakage happens (but it can happen invisibly this way).
-- It's possible you will receive some form of a virus/malware/trojan via your BIS email and transfer that to your company computers. It might not be something that effects your bb, but would effect your laptop or other company hw. You don't have to look much further than todays news item detailing how new TomTom GPS devices are infecting PC's they attach to with trojan horses. It doesn't effect the gps display (running linux), but it does effect your PC. Again, I can do this with my laptop also.
-- Some efficiency expert looked at use habits and doesn't want you to be able to sit in meetings looking like you are doing real work when you are really IM'ing a buddy or reading personal email. Nah, couldn't be.
-- Likewise, some admin somewhere detests the fact that you might be having fun, and hates the thought of it. Nah, couldn't be.
-- It's your wifes idea, or the wife of your CSO (even if you or your CSO are woman). ;^)
I could understand that if it was a company phone (e.g. your company is paying for the service and perhaps it is pay-per-use SMS or limited data)... but that is pretty lame if they're disabling those features on a personal phone of yours.
I would talk to someone on your IT staff and ask them if they can give you a less restrictive policy. Actually, don't say "may I have a less restrictive policy." I'd approach them with the idea that maybe it would be beneficial to have less restrictive policies for people who pay for their own plans.
|All times are GMT -5. The time now is 04:55 AM.|
Powered by vBulletin® Version 3.6.12
Copyright ©2000 - 2015, Jelsoft Enterprises Ltd.