Hi all

I have some questions around browser security on Blackberrys. As part of a 135 user base via our own BES we have recently taken the decision to remove the browser option from our Blackberrys. The theory.... A user could download and executable or other virus etc and send this mail to another user on the corporate network spreading a virus. Is there a solution to this risk? what have others done?

Regards

Wirelessly posted (8130, Bell Mobility: BlackBerry8130/4.3.0 Profile/MIDP-2.0 Configuration/CLDC-1.1 VendorID/109)

To my knowledge you cannot download files with the BlackBerry browser outside of specific recognized filetypes like Java apps, images and other media types. There may be some risk in a user installing a malicious Java app (although I haven't heard of any existing) but I believe you should be able to allow Browser access while restricting 3rd party app installation.

Wirelessly posted (8130, Bell Mobility: BlackBerry8130/4.3.0 Profile/MIDP-2.0 Configuration/CLDC-1.1 VendorID/109)

You could also set a restriction on your email server to prevent users from emailing high risk filetypes like EXE, RAR, COM, etc. This is a fairly standard restriction in many large organizations.

Seems a little extreme for there being no real threat. Your corporate network needs protection, not the BlackBerrys

You are rightfully concerned. A user could download BlackBerry application OTA (over the air), install it and that can be used to breach security of your environment.

As far as I know, and BES is not my area of expertise, you can restrict corporate devices what applications they can run and, may be, what applications they can install.
This may be a more reliable approach because you can still let people use any browser they want yet not allow them run or install not autorized software on blackberries.

All

Thanks for your replies which have given great food for thought

Regards