[machiavell1]

I have searched for this and found some partial responses. Additionally, I didn't want to resurrect age old threads, so please excuse this.

Leaving aside the legality one way or another (I am a lawyer and I am well aware of the various arguments relating to privacy expectations and practice at work), I wanted to know how much the employer can monitor in the following scenario (which is the scenario I have been offered at work!).

Using my personal blackberry, provisioned for work emails and berry messenger on BES and voice calls on the corporate account, but with my own personal emails coming through BIS.

I gather from the prior search I have made that my employer can basically (if it so chooses) read all BES emails, the contents of all SMS and get call logs. Additionally, it seems that it can also monitor my berry messenger chats (together with all websites etc) - is that correct?

Secondly - and this is the bit I couldn't get an answer to - can my employer read the emails delivered by BIS or is that somehow segregated away from the monitoring that can be done on BES?

Thanks in advance.

[kjjb0204]

If you are on BES, the BES admin can see anything and everything you do on your BB. Whether it's ethical or legal, I don't know. If it's a company issued device, they have every right to see what they want. If it's a personal device and they allowed you to activate on their BES, not sure if they have the right to view your personal activity, but they certainly have the ability.

[machiavell1]

Quote:

Originally Posted by kjjb0204

If you are on BES, the BES admin can see anything and everything you do on your BB. Whether it's ethical or legal, I don't know. If it's a company issued device, they have every right to see what they want. If it's a personal device and they allowed you to activate on their BES, not sure if they have the right to view your personal activity, but they certainly have the ability.

Thanks for quick reply - that's helpful to understand: so (from a technical rather than ethical or legal position) that includes the content of BIS delivered emails also?

[CO_BBTechie]

Actually the BES does not currently have monitoring capabilities for your BIS email. That traffic is routed through your own carrier connection and not your BES connection.

Corp email, SMS, PIN, phone logs are all able to be monitored, logged, and stored.

[machiavell1]

Quote:

Originally Posted by CO_BBTechie

Actually the BES does not currently have monitoring capabilities for your BIS email. That traffic is routed through your own carrier connection and not your BES connection.

Corp email, SMS, PIN, phone logs are all able to be monitored, logged, and stored.

Now that was the answer I was looking for - so, if I want a modicum of privacy, (short of my employer actually seizing and examining my berry of course....) I can send and receive my own email on BIS without their ability to monitor the content. Excellent. Thank you.

[CO_BBTechie]

I'd still suggest you're going about it the wrong way.

You're better off setting up forwarding of your corporate email to your BIS account. You can still accept meetings, but they won't go into your corporate calendar, but rather just your BB calendar.

A policy will likely be left behind on your device when it's disconnected from the BES. You will need to perform a factory wipe of your device in order to remove that policy. BES has many restrictions that can be placed on your device. They can remove the ability all together for SMS, personal email, web browsing, etc.

Even when removed from BES many of those restrictions will remain in place until you remove the IT policy that BES placed on your device.

[machiavell1]

Quote:

Originally Posted by CO_BBTechie

I'd still suggest you're going about it the wrong way.

You're better off setting up forwarding of your corporate email to your BIS account. You can still accept meetings, but they won't go into your corporate calendar, but rather just your BB calendar.

A policy will likely be left behind on your device when it's disconnected from the BES. You will need to perform a factory wipe of your device in order to remove that policy. BES has many restrictions that can be placed on your device. They can remove the ability all together for SMS, personal email, web browsing, etc.

Even when removed from BES many of those restrictions will remain in place until you remove the IT policy that BES placed on your device.

I'd agree with you - that's precisely what happened at my last firm. It took me loads of research to figure out how to rid myself of the policy!

However, I can't forward from our corp email (ie as a fixed rule - I can on an individual basis) so I am stuck with BES/BIS implementation for better (or rather for worse!).

[CO_BBTechie]

Fair enough... at least you know what you're getting into!

[dhendriksen]

Can they monitor what websites I go to via either the standard or wap browser?

I am on a BES as well.

[machiavell1]

Quote:

Originally Posted by dhendriksen

Can they monitor what websites I go to via either the standard or wap browser?

I am on a BES as well.

I'm fairly sure the answer is yes as the data connection is provided by BES rather than BIS or carrier TCP/IP. But I leave it to someone more technically knowledgeable than I to confirm/deny that...

[kjjb0204]

Quote:

Originally Posted by CO_BBTechie

Actually the BES does not currently have monitoring capabilities for your BIS email. That traffic is routed through your own carrier connection and not your BES connection.

Corp email, SMS, PIN, phone logs are all able to be monitored, logged, and stored.

So, what you're saying is I can't be the next bbfmod after troy?

[CO_BBTechie]

I'm saying no such thing.... Hey look how often JSanders is mistaken

[joeygator]

I'm not a berry admin or anything of the like. But if on bes, doesn't your ip reside on the bes server? And wouldn't that give ability to view any and all traffic going to the device, even bes?

[CO_BBTechie]

Quote:

Originally Posted by dhendriksen

Can they monitor what websites I go to via either the standard or wap browser?

I am on a BES as well.

I'm not even going to touch that one. Web browsing is a gray area if you don't know exactly what you're doing. There are certain methods you can use that may avoid logging, but I don't entirely understand the ins and outs of circumventing detection there. Nor would I advocate it.

[CO_BBTechie]

Quote:

Originally Posted by joeygator

I'm not a berry admin or anything of the like. But if on bes, doesn't your ip reside on the bes server? And wouldn't that give ability to view any and all traffic going to the device, even bes?

Negative. Your carrier provides your conduit to the Internet. "Certain" traffic goes through your private BES connection on it's way to the Internet and is therefore susceptible to interception.

[dmacd]

This might be worth reading. See 7 Ways Your E-mail Can Get You Fired - US News and World Report.

[kjjb0204]

Wirelessly posted

Quote:

Originally Posted by CO_BBTechie

I'm saying no such thing.... Hey look how often JSanders is mistaken

BURN

[djm2]

Quote:

Originally Posted by machiavell1

Now that was the answer I was looking for - so, if I want a modicum of privacy, (short of my employer actually seizing and examining my berry of course....) I can send and receive my own email on BIS without their ability to monitor the content. Excellent. Thank you.

I believe that you can receive BIS emails with no problem whatsoever in the scenario that you describe. I am pretty sure that IT could implement a policy that would require all emails sent from the device be sent through the BES. If you replied to an email, then the original message might well be nested within the reply, and hence could be monitored. The question is will such a policy be implemented? I don't implement that on my mini-BES, but...

[Rugid Child]

I was reading the Technology section of USATODAY a few days ago, and I came across an article talking about cell phones and can companies call up the provider and get your text messages and everything that was sent through to the cell phone. And according to the information int he article, companies cannot retrieve any information through a third party regarding wireless communications. So text messages on your Blackberry are fine to send since the company will only see that you sent and received text messages but they cannot retrieve them.

[Moonshadow]

Wirelessly posted (8130)

With respect to web browsing it depends on how your BES admins have set it up. I operate on a large BES and BIS as well.

The way our guys set it up WEB access is strictly through the carrier and has nothing to do with BES. However there is a way for a BES to provide access to the internet and if done this way then yes they can monitor.

BIS is only linked through your carrier and not through BES.
Depending on your company's IT policies, they may or may not frown on setting up a BIS account let alone using it. This is particularly important if it is their device. It gets greyer if it is a personal device but used on corporate BES. I suppose it depends on who is paying for what. If the employer is paying for the carrier account then they could claim priveledge. If not then I think you are ok.

But why not ask rather than take a chance?