BlackBerry Forums Support Community               

Closed Thread
 
LinkBack Thread Tools
Old 05-04-2005, 08:08 AM   #1 (permalink)
Knows Where the Search Button Is
 
lmcmullen's Avatar
 
Join Date: Apr 2005
Location: Atlanta, GA
Model: 7250
Posts: 19
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default How to Avoid Enterprise Activation

Please Login to Remove!

Hi,

my company has reciently installed a BES, and in that process has published some of the most draconian security policies imagionable (no PIN, SMS messaging, no email aggregation, etc).

It got so bad that I tossed the company provided BB in a drawer and went and bought another one.

I got it set up good to use the Web service for email aggregation, etc. but I've been scared to death about using the desktop redirector, or any of the other enterprise software for fear that they will push a policy down to my privately owned BB.

So the long and short of it is, what features can I use while still avoiding enterprise activation? Is it possible to use desktop redirector? how do I prevent the BES server from discovering my device?

Thank you in advance you will be helping me, and our entire sales force who have bought their own BB's and don't want them crippled.

L
__________________
------------------------------------------------------
The more I try to stort it, the more it gets distored....
...I sorta think I'm better off leaving it unsorted
------------------------------------------------------
Offline  
Old 05-04-2005, 08:15 AM   #2 (permalink)
Thumbs Must Hurt
 
Join Date: Feb 2005
Model: 7130
Carrier: Vodafone UK
Posts: 63
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Have you considered the BWC service? This is a internet based device which polls messages from your email account to a POP3 based account and thus displaying this on the device. The downside to this is that polling occurs every 15 minutes and emails deleted from the BB only get deleted from the BWC account as it is unable to reconcile with the email account.

To prevent the BES seeing your device, simply dont connect it to the server nor Desktop Manager/Redirector if this is connected to your office network.

I dont think there is any other alternative .. but im sure the gurus will be able to advise if so ... let the heavens shine!!!
Offline  
Old 05-04-2005, 08:19 AM   #3 (permalink)
Knows Where the Search Button Is
 
lmcmullen's Avatar
 
Join Date: Apr 2005
Location: Atlanta, GA
Model: 7250
Posts: 19
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by javed
Have you considered the BWC service?
To prevent the BES seeing your device, simply dont connect it to the server nor Desktop Manager/Redirector if this is connected to your office network.

I dont think there is any other alternative .. but im sure the gurus will be able to advise if so ... let the heavens shine!!!
yurp. I got the BWC service working good. I just want to be able to make a list of things not to do, to prevent my and other people's devices from being crippled by an over zealous IT security group.

L
__________________
------------------------------------------------------
The more I try to stort it, the more it gets distored....
...I sorta think I'm better off leaving it unsorted
------------------------------------------------------
Offline  
Old 05-04-2005, 08:42 AM   #4 (permalink)
BBF Veteran User
 
Join Date: Aug 2004
Location: Hotwiring another Cessna
Model: OU812
Carrier: Nintendo
Posts: 3,492
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

If it's a company provided blackberry, I would assume those security policies are there for a reason. Perhaps they didn't get voice/sms plan with the devices and don't want to pay for people text messaging their friends and family. I know we do similar practices if we see our phones/text messaging on devices steadily high.

Why not use the work blackberry for work email, and carry around your personal one for personal related things?
Offline  
Old 05-04-2005, 08:45 AM   #5 (permalink)
Knows Where the Search Button Is
 
lmcmullen's Avatar
 
Join Date: Apr 2005
Location: Atlanta, GA
Model: 7250
Posts: 19
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

I'm an IT executive. I'm familar with our plans and etc. Trust me this is the security folks getting paranoid.

As to carrying 2 BBs, that is a non-starter
__________________
------------------------------------------------------
The more I try to stort it, the more it gets distored....
...I sorta think I'm better off leaving it unsorted
------------------------------------------------------
Offline  
Old 05-04-2005, 09:33 AM   #6 (permalink)
No longer Registered.
 
Dawg's Avatar
 
Join Date: Mar 2005
Location: Atlanta
Model: 8330
OS: 4.5.0.138
PIN: 31a6c9c9
Carrier: Verizon BIS
Posts: 13,963
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

two devices kind of defeats the purpose of a blackberry doesnt it.
Offline  
Old 05-04-2005, 09:56 AM   #7 (permalink)
Talking BlackBerry Encyclopedia
 
Join Date: Apr 2005
Location: Roseville, Ca
Model: 9000
Carrier: ATT
Posts: 247
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

You hit the nail on the head with that one BUT, I still carry my phone and the BB.
__________________
Chris Luce
PIN: 20D5D63B
Offline  
Old 05-04-2005, 10:02 AM   #8 (permalink)
BBF Veteran User
 
Join Date: Aug 2004
Location: Hotwiring another Cessna
Model: OU812
Carrier: Nintendo
Posts: 3,492
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by Dawg
two devices kind of defeats the purpose of a blackberry doesnt it.
Well yes and no.

When switching to BES GW, we've recently had a plethora of complaints from users not being able to setup hotmail/gmail/yahoo and the like via BWC. As well as use instant messaging apps and games and so forth. Our opinion is "This is a work device, paid for by work, and used for relaying work email. If you want a device to check your hotmail with, buy your own."

Not meaning to change topics on you, but I can see where the IT/billing/whatever dept can get upset with this. Now, if something breaks because you're doing things that aren't supported or needed by your org, it's up to the IT dept to fix it. Why should we, as administrators, be responsible for users setting up work devices to function as personal PDA's?
Offline  
Old 05-04-2005, 10:09 AM   #9 (permalink)
Thumbs Must Hurt
 
Join Date: Feb 2005
Model: 7130
Carrier: Vodafone UK
Posts: 63
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

hmmm thats an intersting and valid point there!

2 devices is the way ahead then ;o)
Offline  
Old 05-04-2005, 10:10 AM   #10 (permalink)
No longer Registered.
 
Dawg's Avatar
 
Join Date: Mar 2005
Location: Atlanta
Model: 8330
OS: 4.5.0.138
PIN: 31a6c9c9
Carrier: Verizon BIS
Posts: 13,963
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

I see your point about the IM But I cant see the reasoning behind blocking the email when they usually make you have the phone on 24/7 like some companys do.
Offline  
Old 05-04-2005, 10:12 AM   #11 (permalink)
Thumbs Must Hurt
 
Jason_AB's Avatar
 
Join Date: Apr 2005
Location: MO
Model: BOLD
Carrier: at&t
Posts: 164
Post Thanks: 0
Thanked 0 Times in 0 Posts
Talking

I am in the same boat. I use the desktop redirector for the corp. e-mail, works great. If you want to open attachments you have to send them to your blackberry account. I also use the BWC for all my personal e-mail. I have a total of 5 e-mail accounts all coming to my BB.

Down side I have found that you can’t accept or decline meeting request, no wireless sync with your outlook.

Our IT policy wouldn’t allow me to utilize that download from Nextel’s web site, can’t remember what it is called, it updates your e-mail every 15 minutes, something to do with Active X. Anyway redirector works great, I would suggest to enable permanent delete on your profile page, one or two attachments and you 10 megs will get full quick. You then have to log into your BWC account to delete some e-mails. Enabling permanent delete will keep this from happening.

I had to give up my laptop & VPN so I could always keep my BB on line with redirector, I hated this at 1st but after a month or so, I would have it no other way.
__________________
PIN: 4011A3B5
A luxury once sampled quickly becomes a necessity...
Frequently Wrong But Never In Doubt
Offline  
Old 05-04-2005, 12:18 PM   #12 (permalink)
Talking BlackBerry Encyclopedia
 
PhilMax's Avatar
 
Join Date: Mar 2005
Location: McKinney, Texas
Model: 7100g
Posts: 236
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

"Information Security" is no trivial matter. I personally know a company that lost hundreds of millions of dollars in a law suit because of internal documents that were "discovered". Depending on the company, the type of business, the type of information that is "vulnerable", the restrictions being applied may be there for a reason and may be quite justified.

On the other hand, I also recognize that paranoia can set in and policies carried to extremes. The proper solution is for management to sit down and really determine what it is they want to accomplish or "lock down" and not just implement every restriction there is just because they can.
Offline  
Old 05-04-2005, 12:22 PM   #13 (permalink)
Grumpy Moderator
 
NJBlackBerry's Avatar
 
Join Date: Aug 2004
Location: Somewhere in the swamps of Jersey
Model: i5s
Carrier: AT&T
Posts: 27,803
Post Thanks: 33
Thanked 442 Times in 382 Posts
Default

Wow; an IT Executive who does not appreciate the complexity and importance of IT Security, even on a BlackBerry. Very disappointing. Hope the Sarbanes-Oxley compliance weenies don't pay you a visit.

BTW - you WANT your security folks to be paranoid. That's so you can sleep....
Offline  
Old 05-04-2005, 01:52 PM   #14 (permalink)
Thumbs Must Hurt
 
Jason_AB's Avatar
 
Join Date: Apr 2005
Location: MO
Model: BOLD
Carrier: at&t
Posts: 164
Post Thanks: 0
Thanked 0 Times in 0 Posts
Post

Quote:
Originally Posted by NJBlackBerry
Wow; an IT Executive who does not appreciate the complexity and importance of IT Security, even on a BlackBerry. Very disappointing. Hope the Sarbanes-Oxley compliance weenies don't pay you a visit.

BTW - you WANT your security folks to be paranoid. That's so you can sleep....
Paranoid or Effective…

I know many paranoid people/groups/departments that are not effective. I guess some of both would be nice.
__________________
PIN: 4011A3B5
A luxury once sampled quickly becomes a necessity...
Frequently Wrong But Never In Doubt
Offline  
Old 05-04-2005, 02:03 PM   #15 (permalink)
Knows Where the Search Button Is
 
lmcmullen's Avatar
 
Join Date: Apr 2005
Location: Atlanta, GA
Model: 7250
Posts: 19
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by bfrye
Why should we, as administrators, be responsible for users setting up work devices to function as personal PDA's?
Totally off topic but I'll take a pass at this one...

Mainly the onus is on IT to be a customer service orginization, and part of that making folks lives more convienant. If you have a single MP3, email reminder from your wife to pick up milk or a schedule reminder of a doctors appointment in outlook, you're technically employing company computing resources for personal use. Yet most shops will give you a pass on this becuase well carrying 2 laptops, 2 phones, 2 pdas, etc would soon get silly.

We in IT need to draw a line, for sure, when it comes to supporting folks who have messed up their equipment with personal nonsense (such as downloading illegal MP3s or spyware, etc...) but we deal with this on a case by case basis, rather than as a general policy.

trust me, if we were all that security concious we'd turn off the web save for specially configured research workstations, and you'd see employee productivity skyrocket.

((now I gotta get back to work *grins*))

L
__________________
------------------------------------------------------
The more I try to stort it, the more it gets distored....
...I sorta think I'm better off leaving it unsorted
------------------------------------------------------
Offline  
Old 05-04-2005, 02:05 PM   #16 (permalink)
Grumpy Moderator
 
NJBlackBerry's Avatar
 
Join Date: Aug 2004
Location: Somewhere in the swamps of Jersey
Model: i5s
Carrier: AT&T
Posts: 27,803
Post Thanks: 33
Thanked 442 Times in 382 Posts
Default

But people are not responsible; social engineering works. See how fast the new Sober virus took off. People opened attachments, with bogus names, from people they didn't know. So security orgnaizations must take draconian steps.

People love "their" Internet. But not the spam. And stop the porn. But not the "legitimate" web sites I need to get to.
Offline  
Old 05-04-2005, 02:12 PM   #17 (permalink)
Knows Where the Search Button Is
 
lmcmullen's Avatar
 
Join Date: Apr 2005
Location: Atlanta, GA
Model: 7250
Posts: 19
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Oh I appreciate the importance of IT Security. I am currious as to what security benefit there is to prohibiting PIN to PIN, SMS, and external email messages. That said, if as I mentioned in another message, if we were all that concerned we'd just turn the web off save for a few specially configured research workstations and watch the incidence of virus & worm attacks fall off, and productivity skyrocket.

The finer point is balancing good security practice with good customer service. Alot of the blackberries used at my company are privately owned, purchased by our commissioned sales force, and we gotta be real careful about how draconian we are with people's personal devices particularly in light of the fact that once secured they can't be unsecured except by another BES (well out of the talents of your typical sales guy).

----------

P.S. I'm responsible for compliance.

L
__________________
------------------------------------------------------
The more I try to stort it, the more it gets distored....
...I sorta think I'm better off leaving it unsorted
------------------------------------------------------
Offline  
Old 05-04-2005, 02:13 PM   #18 (permalink)
Knows Where the Search Button Is
 
lmcmullen's Avatar
 
Join Date: Apr 2005
Location: Atlanta, GA
Model: 7250
Posts: 19
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

I vote we turn the whole dang thing off... *grins*
__________________
------------------------------------------------------
The more I try to stort it, the more it gets distored....
...I sorta think I'm better off leaving it unsorted
------------------------------------------------------
Offline  
Old 05-04-2005, 02:16 PM   #19 (permalink)
Knows Where the Search Button Is
 
lmcmullen's Avatar
 
Join Date: Apr 2005
Location: Atlanta, GA
Model: 7250
Posts: 19
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

You are right in a sense, we do want security folks which are reasonably paranoid.

Going along with that, though is the assumption that they are also pretty well informed about what possible threats exist.

There is little security issue with PIN to PIN messaging. There are compliance issues, they should probably be archived (as should email, IM, and any other means of electronic communication). But prohibited, I don't see the need.

L
__________________
------------------------------------------------------
The more I try to stort it, the more it gets distored....
...I sorta think I'm better off leaving it unsorted
------------------------------------------------------
Offline  
Old 05-04-2005, 02:33 PM   #20 (permalink)
BBF Veteran User
 
Join Date: Aug 2004
Location: Hotwiring another Cessna
Model: OU812
Carrier: Nintendo
Posts: 3,492
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by lmcmullen
Totally off topic but I'll take a pass at this one...

Mainly the onus is on IT to be a customer service orginization, and part of that making folks lives more convienant. If you have a single MP3, email reminder from your wife to pick up milk or a schedule reminder of a doctors appointment in outlook, you're technically employing company computing resources for personal use. Yet most shops will give you a pass on this becuase well carrying 2 laptops, 2 phones, 2 pdas, etc would soon get silly.

We in IT need to draw a line, for sure, when it comes to supporting folks who have messed up their equipment with personal nonsense (such as downloading illegal MP3s or spyware, etc...) but we deal with this on a case by case basis, rather than as a general policy.

trust me, if we were all that security concious we'd turn off the web save for specially configured research workstations, and you'd see employee productivity skyrocket.

((now I gotta get back to work *grins*))

L
So as pretty much the primary wireless engineer here, along with one of 3 mail admins for an org of more than 15,000 people, as well as keeping up with monitoring of about 90-120 servers in multiple locations, now I have to make sure our users can check their stocks, get their ringtones and view their aol and hotmail on their work blackberries?

I agree, I try to help people as much as I can, but I have to draw a line as well. If I can avoid people calling up and saying (I don't know, I didn't do anything and it just stopped getting email), then come to find out they did the work to figure out the BWC side and setup their hotmail and screwed something up. No thank you. I would rather shut it off completely and support the device for what it has been setup to be used for.

I had a user 2 weeks ago complain that his blackberry wasn't saving any of his email after 24hrs. I, of course, can tell immediately something was done to the device because it has 0 memory, 4 themes loaded and about 50 various ringtones and games downloaded to the thing. It was starving for space. Of course, the user doesn't know how any of it got there.. "It must've come on the device..." If I can eliminate the ability to do such things, I will. It saves my time and their time and the loss of production from not having the required hardware to do his/her job.
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On





Copyright © 2004-2014 BlackBerryForums.com.
The names RIM © and BlackBerry © are registered Trademarks of BlackBerry Inc.