Best Security Practices for a Bank Holding Company
I work at a bank holding company, so we have many users with very sensitive data on their BlackBerry. I am wondering what would be the best policies and restrictions to implement in order to make sure all the data is secure on the BB especially if it is lost. These are our current security policies in place. We are running BES 5.0.
Password
Password Pattern Checks - No Restrictions
Maximum Password Age - 90 Days
Maximum Security Timeout - 15 Minutes
Minimum Password Length - 6
Password Required - Yes
Maximum Password History - 4
Suppress Password Echo - Yes
Maximum Password Attempts - 8
Password Timeout - 15 Minutes

Security
Disallow Third Party Applications Downloads - No
Re: Best Security Practices for a Bank Holding Company
Moved to the BES Admin section - probably a better spot for your question.
Re: Best Security Practices for a Bank Holding Company
Also might want to make sure they can't forward an email to another account as well. Maybe even disable BBM or at least set a peer to peer encryption key so only BES users to BES users can BBM.
Re: Best Security Practices for a Bank Holding Company
I don't think it is necessary to disable forwarding as we can forward in Outlook. It seems to be more about making sure non-employees can't get any information from the device. Not stopping people from communicating with others in the company. Although there are some groups that must keep all data in case there are legal issues. They aren't even allowed to use BBM.
Re: Best Security Practices for a Bank Holding Company
Password
Password Pattern Checks - No Restrictions
Maximum Password Age - 90 Days
Maximum Security Timeout - 15 Minutes
With sensitive data, you may want to change that to less; like 5 minutes of inactivity.
Minimum Password Length - 6
Password Required - Yes
Maximum Password History - 4
Suppress Password Echo - Yes
This is debatable. If your user can't remember the password, perhaps actually seeing it on the screen will help. (I've had users say they set the password to 1234567654321 when in actuality it is "wersdfzfdsrew". They were looking at the numbers but not using the ALT key.)
Maximum Password Attempts - 8
If the end user can't remember their password after 6 attempts, they sure as heck ain't gonna get it at 8. My policy is set to 6.
Password Timeout - 15 Minutes
I also recommend that you put a Forbidden Password policy in place. 911 is a no-no in my environment. If you happen to have 911 in part of your password, your device may call 911 Emergency.

Security
Disallow Third Party Applications Downloads - No
You may be opening up for some strange 3rd party apps on devices. I've seen some really bizarre things make an OS go "POOF."

You may want to add:
User Can Change Timeout: No
Content Protection Strength: Strong
External File System Encryption Level: Encrypt to User Password (including multi-media directories)
Some type of password/encryption requirement for Bluetooth if allowed. Otherwise, disable it completely. Same goes for Smart Card Readers.
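An added example, not part of any post in this thread: a small Python check that parses a policy listing in the "Rule - Value" form used above and reports where it differs from the values suggested in the reply. The rule names are copied from the posts; the function names, the sample text and the reading of the third-party download comment as "set to Yes" are assumptions of this example.

```python
import re

# Constructed sample: the first post's settings, one rule per line.
CURRENT_POLICY = """\
Password Pattern Checks - No Restrictions
Maximum Password Age - 90 Days
Maximum Security Timeout - 15 Minutes
Minimum Password Length - 6
Password Required - Yes
Maximum Password History - 4
Suppress Password Echo - Yes
Maximum Password Attempts - 8
Password Timeout - 15 Minutes
Disallow Third Party Applications Downloads - No
"""

def parse_policy(text):
    """Parse 'Rule - Value' or 'Rule: Value' lines into a dict."""
    rules = {}
    for line in text.splitlines():
        m = re.match(r"^(.+?)\s*(?: - |:)\s*(.+)$", line.strip())
        if m:
            rules[m.group(1).strip()] = m.group(2).strip()
    return rules

def at_most(limit):  # value must start with a number no larger than limit
    def check(value):
        m = re.match(r"\d+", value or "")
        return bool(m) and int(m.group()) <= limit
    return check

def equals(expected):
    return lambda value: (value or "").lower() == expected.lower()

# Suggested values from the reply (one poster's view; "Yes" below is an assumption).
SUGGESTED = {
    "Maximum Security Timeout": (at_most(5), "5 minutes or less"),
    "Maximum Password Attempts": (at_most(6), "6 or fewer"),
    "Disallow Third Party Applications Downloads": (equals("Yes"), "Yes"),
    "User Can Change Timeout": (equals("No"), "No"),
    "Content Protection Strength": (equals("Strong"), "Strong"),
    "External File System Encryption Level": (equals("Encrypt to User Password"), "Encrypt to User Password"),
    "Forbidden Password": (lambda v: "911" in re.split(r"[,\s]+", v or ""), "list that includes 911"),
}

def audit(rules):
    """Return (rule, current value, suggested value) for each deviation."""
    return [(n, rules.get(n, "(not set)"), want)
            for n, (ok, want) in SUGGESTED.items() if not ok(rules.get(n))]
```

Calling `audit(parse_policy(CURRENT_POLICY))` on the sample flags all seven suggested rules: three with weaker values and four that are not set at all.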