Security Guide. BES12 Cloud. for BlackBerry

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Security Guide. BES12 Cloud. for BlackBerry"

Transcription

1 Security Guide BES12 Cloud for BlackBerry

2 Published: SWD

3 Contents Introduction... 7 About this guide...8 What is BES12 Cloud?... 9 Key features of BES12 Cloud...10 Security features Hardware and OS security Hardware root of trust for BlackBerry devices The BlackBerry 10 OS...15 The file system Sandboxing Device resources App permissions...16 Verifying software Preventing memory corruption...17 Activating and managing devices Activating devices...20 Activation passwords User registration with the BlackBerry Infrastructure Data flow: Activating a device...21 Using IT policies to manage security...23 Data in transit...25 How devices connect to your resources...26 Protecting Wi-Fi connections Connecting to a VPN...30 Types of encryption used for communication between devices and your resources Protecting data in transit between BES12 Cloud and devices Protecting device management data sent between BES12 Cloud and devices...32 Types of encryption used to send device management data to devices Providing devices with single sign-on access to your organization's network...34 Using Kerberos to provide single sign-on from devices...34 Protecting data in transit between BES12 Cloud and your company directory...35

4 Data flow: Establishing a secure connection between BES12 Cloud and the BlackBerry Cloud Connector...35 Protecting communication with devices using certificates Providing client certificates to devices...37 Using SCEP to enroll client certificates to devices...38 Sending CA certificates to devices...40 Protecting messages Extending security Data at rest...49 Activation options Securing BlackBerry Balance devices Securing regulated BlackBerry Balance devices...51 How work and personal spaces are separated Securing work space only devices Encryption How devices protect personal data...54 How devices protect work data Advanced data at rest protection How devices classify apps and data...58 Passwords Changing passwords...61 Data wipe Controlling when devices delete all data in the work space...65 Full device wipe Work data wipe...68 Controlling messaging...70 Controlling access to content Controlling access to devices Controlling device features...74 Controlling security timeout Managing sharing of work and personal files using the "Share" option Ensuring device integrity...76 Controlling software Controlling voice control Setting a home screen message...77 Controlling network connections from devices Transferring work data from devices using Bluetooth...78 Managing data transferred to and from a device using NFC... 81

5 Controlling roaming BlackBerry Link protection...82 Authentication between devices and BlackBerry Link...82 Data protection between BlackBerry Link and devices...82 Back up and restore Remote media and file access architecture Smart cards Unbinding the current smart card from a device...84 Authenticating a user using a smart card...84 Managing how devices use smart cards Apps Managing apps Managing work apps on devices...88 BlackBerry World for Work Installing personal apps on devices Preventing users from installing apps using development tools Protecting a device from malicious apps How devices are designed to prevent BlackBerry Runtime for Android apps from accessing work apps and data...89 Managing how apps open links in the work and personal spaces on devices...90 Preventing users from using voice dictation within work apps on devices Preventing users from sharing work data on devices when sharing the screen during BBM Video chats Making apps unavailable on devices Controlling how apps connect to networks...92 How work apps connect to work networks Preventing personal apps from connecting to work networks Allowing work apps to connect to personal networks...93 Cryptography...95 Cryptography on devices...96 Symmetric encryption algorithms...96 Asymmetric encryption algorithms...96 Hash algorithms Message authentication codes...97 Signature algorithms...97 Key agreement algorithms Cryptographic protocols...98 Cipher suites for SSL/TLS connections...99

6 Cryptographic libraries VPN cryptographic support Wi-Fi cryptographic support Product documentation Glossary Legal notice...111

7 Introduction

8 Introduction About this guide 1 BES12 helps you manage devices for your organization, including BlackBerry 10, ios, Android, and Windows Phone devices. This guide describes how BES12 delivers a higher level of control and security to BlackBerry 10 devices. This guide is intended for senior IT professionals responsible for evaluating the product and planning its deployment, as well as anyone who's interested in learning more about BES12 solution security. After you read this guide, you should understand how BES12 can help protect data in transit, data at rest, and apps for your organization. 8

9 Introduction What is BES12 Cloud? 2 BES12 Cloud is an EMM solution from BlackBerry. EMM solutions help you manage mobile devices for your organization. You can manage BlackBerry 10, ios, Android and Windows Phone devices, all from a unified interface. BES12 Cloud is an EMM solution that is available in the cloud. EMM solution BES12 Cloud BES12 Description An easy-to-use, low-cost, and secure solution. BlackBerry hosts this service over the Internet. You only need a supported web browser to access the service, and BlackBerry maintains high availability to minimize downtime. Optionally, you can connect your on-premises company directory to BES12 Cloud. A comprehensive, scalable, and secure solution. Your organization installs this service in its environment. The deployment can range in size from one server to many, and you can set up and maintain high availability to minimize downtime. 9

10 Introduction Key features of BES12 Cloud Feature Management of most types of devices Single, unified interface Initial-login wizard Trusted and secure experience Balance of work and personal needs High availability Description You can manage BlackBerry 10, ios, Android, and Windows Phone devices. You can view all devices in one place and access all management tasks in a single, web-based interface. You can share administrative duties with multiple administrators who can access the administration consoles at the same time. When you log in to BES12 Cloud for the first time, a wizard helps you set up some of the features of BES12 Cloud. The wizard can help you install an APNs certificate to manage ios devices, set an initial password policy to make sure devices are protected, and create an profile to make sure devices can access work . Device controls give you precise management of how devices connect to your network, what capabilities are enabled, and what apps are available. Whether the devices are owned by your organization or your users, you can protect your organization's information. BlackBerry Balance technology is designed to ensure that personal and work information are kept separate and secure on BlackBerry devices. If the device is lost or the employee leaves the organization, you can delete only workrelated information or all information from the device. Instead of having to maintain your own highly available service for device management, with all the upfront and maintenance costs, BlackBerry maintains the service and maximizes uptime for you. 10

11 Introduction Security features Feature Description BlackBerry manufacturing security model BlackBerry's end-to-end manufacturing model ensures BlackBerry 10 device hardware integrity and that only genuine BlackBerry devices connect to the BlackBerry Infrastructure. BlackBerry 10 OS protection Administrative control Control over device access to your organization s network Protection of company directory data Protection of data in transit Protection of data at rest Cryptography FIPS certification for the BES12 server The BlackBerry 10 OS is tamper-resistant, resilient, and secure, and includes many security features that protect data, apps, and resources on devices. BES12 provides you with control over device behavior through features such as device activation, IT administration commands, IT policies, and profiles. BES12 allows you to send work Wi-Fi profiles and work VPN profiles to BlackBerry 10 devices so that you can control which devices can connect to your organization's network. If you allow BES12 Cloud to access your company directory, the BlackBerry Cloud Connector sends your company directory information to BES12 Cloud over a secure TLS connection. Data in transit within the BES12 solution is protected using security features such as encryption, certificates, and mutually authenticated connections. Data at rest on BlackBerry 10 devices is protected using security features such as encryption, passwords, and data wiping. BlackBerry 10 devices support various types of cryptographic algorithms, codes, protocols, and APIs. BES12 encrypts all of the data that it stores directly and writes indirectly to files using a FIPS-validated cryptographic module. 11

12

13 Hardware and OS security Secure

14 Hardware and OS security Hardware root of trust for BlackBerry devices 3 BlackBerry ensures the integrity of BlackBerry device hardware and makes sure that counterfeit devices can't connect to the BlackBerry Infrastructure and use BlackBerry services. From the beginning of the product lifecycle, BlackBerry integrates security into every major component of the product design of devices. BlackBerry has enhanced its end-to-end manufacturing model to securely connect the supply chain, BlackBerry manufacturing partners, the BlackBerry Infrastructure, and BlackBerry devices, which allows BlackBerry to build trusted devices anywhere in the world. The BlackBerry manufacturing security model prevents counterfeit devices from impersonating authentic devices and makes sure that only genuine BlackBerry devices can connect to the BlackBerry Infrastructure. The BlackBerry Infrastructure uses device authentication to cryptographically prove the identity of the device that attempts to register with it. The BlackBerry manufacturing systems use the device s hardware-based ECC 521-bit key pair to track, verify, and provision each device as it goes through the manufacturing process. Only devices that complete the verification and provisioning processes can register with the BlackBerry Infrastructure. 14

15 Hardware and OS security The BlackBerry 10 OS 4 The BlackBerry 10 OS is the microkernel operating system of the BlackBerry 10 device. Microkernel operating systems implement the minimum amount of software in the kernel and run other processes in the user space that is outside of the kernel. Microkernel operating systems are designed to contain less code in the kernel than other operating systems. The reduced amount of code helps the kernel to avoid the vulnerabilities that are associated with complex code and to make verification easier. Verification is the process of evaluating a system for programming errors. Many of the processes that run in the kernel in a conventional operating system run in the user space of the OS. The OS is tamper-resistant. The kernel performs an integrity test when the OS starts and if the integrity test detects damage to the kernel, the device doesn t start. The OS is resilient. The kernel isolates a process in its user space if it stops responding and restarts the process without negatively affecting other processes. In addition, the kernel uses adaptive partitioning to prevent apps from interfering with or reading the memory used by another app. The OS is secure. The kernel validates requests for resources and an authorization manager controls how apps access the capabilities of the device, such as access to the camera, contacts, and device identifying information. The file system The BlackBerry 10 device file system runs outside of the kernel and keeps work data secure and separate from personal data. The file system is divided into the following areas: Base file system Work file system Personal file system (on devices with a personal space) The base file system is read-only and contains system files. Because the base file system is read-only, the BlackBerry 10 OS can check the integrity of the base file system and mitigate any damage done by an attacker who changed the file system. The work file system contains work apps and data. The device encrypts the files stored in the work space. On devices with a personal space, the personal file system contains personal apps and data. Apps that a user installed on the device from the BlackBerry World storefront are located in the personal file system. The device can encrypt the files stored in the personal file system. Sandboxing The BlackBerry 10 OS uses a security mechanism called sandboxing to separate and restrict the capabilities and permissions of apps that run on the device. Each app process runs in its own sandbox, which is a virtual container that consists of the memory and the part of the file system that the app process has access to at a specific time. 15

16 Hardware and OS security Each sandbox is associated with both the app and the space that it's used in. For example, an app can have one sandbox in the personal space and another sandbox in the work space; each sandbox is isolated from the other one. The OS evaluates the requests that an app s process makes for memory outside of its sandbox. If a process tries to access memory outside of its sandbox without approval from the OS, the OS ends the process, reclaims all of the memory that the process is using, and restarts the process without negatively affecting other processes. When the OS is installed, it assigns a unique group ID to each app. Two apps can't share the same group ID, and the OS doesn't reuse group IDs after apps are removed. An app s group ID remains the same when the app is upgraded. By default, each app stores its data in its own sandbox. The OS prevents apps from accessing file system locations that aren't associated with the app s group ID. An app can also store and access data in a shared directory, which is a sandbox that is available to any app that has access to it. When an app that wants to store or access files in the shared directory starts for the first time, the app prompts the user to allow access. Device resources The BlackBerry 10 OS manages the device's resources so that an app can't take resources from another app. The OS uses adaptive partitioning to reallocate unused resources to apps during typical operating conditions and enhance the availability of the resources to specific apps during peak operating conditions. App permissions The authorization manager is the part of the BlackBerry 10 OS that evaluates requests from apps to access the capabilities of the device. Capabilities include taking a photograph and recording audio. The OS invokes the authorization manager when an app starts to set the permissions for the capabilities that the app uses. When an app starts, it might prompt the user to allow access to a capability. The authorization manager can store a permission that the user grants and apply the permission the next time that the app starts. Verifying software Verifying the boot loader code The BlackBerry 10 device uses an authentication method that verifies that the boot loader code is permitted to run on the device. The manufacturing process installs the boot loader into the flash memory of the device and a public signing key into the processor of the device. The BlackBerry signing authority system uses a private key to sign the boot loader code. The device stores information that it can use to verify the digital signature of the boot loader code. When a user turns on a device, the processor runs internal ROM code that reads the boot loader from flash memory and verifies the digital signature of the boot loader code using the stored public key. If the verification process completes, the boot loader is permitted to run on the device. If the verification process can't complete, the device stops running. 16

17 Hardware and OS security Verifying the OS and file system If the boot loader code is permitted to run on a BlackBerry 10 device, the boot loader code verifies the BlackBerry 10 OS. The OS is digitally signed using EC 521 with a series of private keys. The boot loader code uses the corresponding public keys to verify that the digital signature is correct. If it's correct, the boot loader code runs the BlackBerry 10 OS. Before the OS mounts the read-only base file system, it runs a validation program that generates a SHA-256 hash of the base file system content, including all metadata. The program compares the SHA-256 hash to a SHA-256 hash that is stored outside the base file system. This stored hash is digitally signed using EC 521 with a series of private keys. If the hashes match, the validation program uses the corresponding public keys to verify the signature and the integrity of the stored hash. Verifying apps and software upgrades Once the base file system is validated, the BlackBerry 10 OS verifies existing apps by reading an app s XML file and verifying the assets of the app against the cryptographically signed hashes contained in the XML manifest. Each software upgrade and app for the BlackBerry 10 device is packaged in the BlackBerry Archive (BAR) format. This format includes SHA-2 hashes of each archived file, and an ECC signature that covers the list of hashes. When a user installs a software upgrade or app, the installation program verifies that the hashes and the digital signature are correct. The digital signatures for a BAR file also indicate the author of the software upgrade or app. The user can then decide whether to install the software based on its author. Because the device can verify the integrity of a BAR file, the device can download BAR files over an HTTP connection, which makes the download process faster than over a more secure connection. Preventing memory corruption BlackBerry 10 devices prevent exploitation of memory corruption in a number of different ways, including the security mechanisms listed in the following table: Security mechanism Non-executable stack and heap Stack cookies Robust heap implementations Description The stack and heap areas of memory are marked as non-executable. This means that a process can't execute machine code in these areas of the memory, which makes it more difficult for an attacker to exploit potential buffer overflows. Stack cookies are a form of buffer overflow protection that helps prevent attackers from executing arbitrary code. The heap implementation includes a defense mechanism against the deliberate corruption of the heap area of memory. The mechanism is designed to detect or mitigate the overwriting of in-band heap data structures so that a program can fail in a secure manner. The mechanism helps prevent attackers from executing arbitrary code via heap corruption. 17

18 Hardware and OS security Security mechanism Address space layout randomization (ASLR) Compiler-level source fortification Guard pages Description By default, the memory positions of all areas of a program are randomly arranged in the address space of a process. This mechanism makes it more difficult for an attacker to perform an attack that involves predicting target addresses to execute arbitrary code. The compiler GCC uses the FORTIFY_SOURCE option to replace non-secure code constructs where possible. For example, it might replace an unbounded memory copy with its bounded equivalent. If a process attempts to access a memory page, the guard page raises a one-time exception and causes the process to fail. These guard pages are placed strategically between memory used for different purposes, such as the standard program heap and the object heap. This mechanism helps prevent an attacker from causing a heap buffer overflow and changing the behavior of a process or executing arbitrary code with the permissions of the compromised process. 18

19 Activating and managing devices Simple

20 Activating and managing devices Activating devices 5 Device activation associates a BlackBerry 10 device with a user account in BES12 and establishes a secure communication channel between the device and BES12. BES12 allows multiple devices to be activated for the same user account. More than one active ios, Android, Windows Phone, and BlackBerry 10 device can be associated with a user account. All device types consume a license when they are activated. BlackBerry 10 devices can be activated using one of three activation types. Activation type Work and personal - Corporate Work and personal - Regulated Work space only Description This option activates a BlackBerry Balance device that separates work and personal data. Your organization has control only over the work space. This option activates a regulated BlackBerry Balance device. These devices separate work and personal data but give you more control over the features available on the device. This option activates a device that has a work space only. You can activate devices that are running BlackBerry 10 OS version 10.3 and later for users using a USB connection instead of a wireless connection. To activate devices using a USB connection, you must install the BlackBerry Wired Activation Tool. By default, a user can activate a device using any of the following connections: Over any Wi-Fi connection or mobile network using a VPN connection with a connection to the BlackBerry Infrastructure Over any Wi-Fi connection or mobile network through the BlackBerry Infrastructure Your organization's activation information is registered automatically with the BlackBerry Infrastructure. The username and your organization's BES12 server address is sent to and stored in the BlackBerry Infrastructure. If you turn off registration with the BlackBerry Infrastructure, then BES12 users also require the organization's BES12 server address to activate their devices. Users can activate their devices after they receive an activation message from BES12, or they can log in to BES12 Self- Service and request an activation password. When a user begins activation of a BlackBerry Balance or regulated BlackBerry Balance device, if the device has an existing work space, the device displays a warning message to indicate that the work data and work apps on the device will be deleted. When the user confirms that the device should be activated, the existing work space is deleted and a new work space is created. 20

21 Activating and managing devices When a user begins activation of a work space only device, the device displays a warning message to indicate that all data on the device will be deleted. When the user confirms that the device should be activated, all data is deleted and the device restarts before the new work space is created. After the activation process completes, BES12 can send apps, profiles, and IT policies to the device. If an profile is configured, the user can send and receive work messages using the device. For more information about activating and managing devices, visit docs.blackberry.com/bes12cloud to see the Administration content. Activation passwords You can specify how long an activation password remains valid before it expires. You can also specify the default password length for the automatically generated password that is sent to users in the activation message. The value that you enter for the activation period expiration appears as the default setting in the "Activation period expiration" field when you add a user account to BES12. The activation period expiration can be 1 minute to 30 days, and the length of the automatically generated password can be 4 to 16 characters. User registration with the BlackBerry Infrastructure User registration with the BlackBerry Infrastructure is a setting in the default activation settings that allows users to be registered with the BlackBerry Infrastructure when you add a user to BES12. Information sent to the BlackBerry Infrastructure is sent and stored securely. The benefit of registration is that users don't have to enter the server address when they are activating a device; they only need to enter their address and password. The Enterprise Management Agent on BlackBerry 10 devices then communicates with the BlackBerry Infrastructure to retrieve the server address. A secure connection is established with BES12 with minimal user input. You can turn off user registration with the BlackBerry Infrastructure if you don't want to send user information to BlackBerry. Data flow: Activating a device You can activate a device using any wireless connection, such as a Wi-Fi network or the mobile network. 21

22 Activating and managing devices 1. You add a user to BES12 using the management console. 2. If the device is an Android, ios, or Windows Phone device, the user downloads and installs the BES12 Client on their device. 3. The user enters their activation username and password on their device. 4. BES12 verifies the user's activation credentials and sends the activation details to the device, including device configuration information. 5. The device receives the activation details from BES12 and completes the configuration. The device then sends confirmation to BES12 that the activation was successful. 22

23 Activating and managing devices Using IT policies to manage security 6 An IT policy is a set of rules that restrict or allow features and functionality on devices. IT policy rules can manage the security and behavior of devices. The device OS and device activation type determine which rules in an IT policy apply to a specific device. For example, depending on the device activation type, OS, and version, IT policy rules can be used to: Enforce password requirements on devices or the device work space Prevent users from using the camera Control connections that use Bluetooth wireless technology Force data encryption Only one IT policy can be assigned to each user account, and the assigned IT policy is sent to all of the user's devices. If you don't assign an IT policy to a user account or to a group that a user or device belongs to, BES12 sends the Default IT policy to the user's devices. You can rank IT policies to specify which policy is sent to devices if a user or a device is a member of two or more groups that have different IT policies and no IT policy is assigned directly to the user account. BES12 sends the highest ranked IT policy to the user's devices. BES12 automatically sends IT policies to devices when a user activates a device, when an assigned IT policy is updated, and when a different IT policy is assigned to a user or group. When a device receives a new or updated IT policy, the device applies the configuration changes in near real-time. All of the BlackBerry 10 IT policy rules available in BES12 apply to regulated BlackBerry Balance devices. Work space only devices and BlackBerry Balance devices ignore rules in the IT policy that are not applicable to those devices. For more information about assigning and ranking IT policies, visit docs.blackberry.com/bes12cloud to see the Administration content. For more information about specific IT policy rules, visit docs.blackberry.com/bes12cloud to see the Policy Reference Spreadsheet in the Administration content. 23

24

25 Data in transit

26 Data in transit How devices connect to your resources 7 BlackBerry 10 devices can connect to your organization s resources (for example, mail servers, web servers, and content servers) using a number of communication methods. By default, devices try to connect to your organization s resources using the following communication methods, in order: 1. Work VPN profiles that you configure 2. Work Wi-Fi profiles that you configure 3. Personal VPN profiles and personal Wi-Fi profiles that a user configures on the device By default, work apps on the device can also use any of these communication methods to access the resources in your organization s environment. Protecting Wi-Fi connections A device can connect to work Wi-Fi networks that use the IEEE standard. The IEEE i standard uses the IEEE 802.1X standard for authentication and key management to protect work Wi-Fi networks. The IEEE i standard specifies that organizations must use the PSK protocol or the IEEE 802.1X standard as the access control method for Wi-Fi networks. You can use Wi-Fi profiles to send Wi-Fi configuration information, including security settings and any required certificates to devices. 26

27 Data in transit Layer 2 security methods that a device supports You can configure a device to use security methods for layer 2 (also known as the IEEE link layer) so that the wireless access point can authenticate the device to allow the device and the wireless access point to encrypt the data that they send to each other. The device supports the following layer 2 security methods: WEP encryption (64-bit and 128-bit) IEEE 802.1X standard and EAP authentication using PEAP, EAP-TLS, EAP-TTLS, and EAP-FAST TKIP and AES-CCMP encryption for WPA-Personal, WPA2-Personal, WPA-Enterprise, and WPA2-Enterprise To support layer 2 security methods, the device has a built-in IEEE 802.1X supplicant. If a work Wi-Fi network uses EAP authentication, you can permit and deny device access to the work Wi-Fi network by updating your organization s central authentication server. You're not required to update the configuration of each access point. For more information about IEEE and IEEE 802.1X, see For more information about EAP authentication, see RFC IEEE 802.1X standard The IEEE 802.1X standard defines a generic authentication framework that a device and a work Wi-Fi network can use for authentication. The EAP framework is specified in RFC The device supports EAP authentication methods that meet the requirements of RFC 4017 to authenticate the device to the work Wi-Fi network. Some EAP authentication methods (for example, EAP-TLS, EAP-TTLS, EAP-FAST, or PEAP) use credentials to provide mutual authentication between the device and the work Wi-Fi network. The device is compatible with the WPA-Enterprise and WPA2-Enterprise specifications. Data flow: Authenticating a device with a work Wi-Fi network using the IEEE 802.1X standard If you configured a wireless access point to use the IEEE 802.1X standard, the access point permits communication using EAP authentication only. This data flow assumes that you configured a device to use an EAP authentication method to communicate with the access point. 1. The device associates itself with the access point that you configured to use the IEEE 802.1X standard. The device sends its credentials (typically a username and password) to the access point. 2. The access point sends the credentials to the authentication server. 3. The authentication server performs the following actions: a b c Authenticates the device on behalf of the access point Instructs the access point to permit access to the work Wi-Fi network Sends Wi-Fi credentials to the device to permit it to authenticate with the access point 4. The access point and device use EAPoL-Key messages to generate encryption keys (for example, WEP, TKIP, or AES- CCMP, depending on the EAP authentication method that the device uses). 27

Security Guide. BlackBerry Enterprise Service 12. for BlackBerry. Version 12.0

Security Guide. BlackBerry Enterprise Service 12. for BlackBerry. Version 12.0 Security Guide BlackBerry Enterprise Service 12 for BlackBerry Version 12.0 Published: 2014-11-12 SWD-20141106140037727 Contents Introduction... 7 About this guide...8 What is BES12?...9 Key features of

More information

Security Technical. Overview. BlackBerry Enterprise Service 10. BlackBerry Device Service Solution Version: 10.2

Security Technical. Overview. BlackBerry Enterprise Service 10. BlackBerry Device Service Solution Version: 10.2 BlackBerry Enterprise Service 10 BlackBerry Device Service Solution Version: 10.2 Security Technical Overview Published: 2014-09-10 SWD-20140908123239883 Contents 1 About BlackBerry Device Service solution

More information

Security Guide. BlackBerry 10 Device

Security Guide. BlackBerry 10 Device Security Guide BlackBerry 10 Device Published: 2016-01-29 SWD-20160129121335350 Contents Introduction... 5 Secure device management... 6 Hardware root of trust...7 The BlackBerry 10 OS... 8 The file system...8

More information

Security Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0

Security Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0 Security Guide BlackBerry Enterprise Service 12 for ios, Android, and Windows Phone Version 12.0 Published: 2015-02-06 SWD-20150206130210406 Contents About this guide... 6 What is BES12?... 7 Key features

More information

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise

More information

Advanced Administration

Advanced Administration BlackBerry Enterprise Service 10 BlackBerry Device Service Version: 10.2 Advanced Administration Guide Published: 2014-09-10 SWD-20140909133530796 Contents 1 Introduction...11 About this guide...12 What

More information

Administration Guide. BlackBerry Enterprise Service 12. Version 12.0

Administration Guide. BlackBerry Enterprise Service 12. Version 12.0 Administration Guide BlackBerry Enterprise Service 12 Version 12.0 Published: 2015-01-16 SWD-20150116150104141 Contents Introduction... 9 About this guide...10 What is BES12?...11 Key features of BES12...

More information

BlackBerry Enterprise Service 10. Universal Device Service Version: 10.2. Administration Guide

BlackBerry Enterprise Service 10. Universal Device Service Version: 10.2. Administration Guide BlackBerry Enterprise Service 10 Universal Service Version: 10.2 Administration Guide Published: 2015-02-24 SWD-20150223125016631 Contents 1 Introduction...9 About this guide...10 What is BlackBerry

More information

Architecture and Data Flow Overview. BlackBerry Enterprise Service 10 721-08877-123 Version: 10.2. Quick Reference

Architecture and Data Flow Overview. BlackBerry Enterprise Service 10 721-08877-123 Version: 10.2. Quick Reference Architecture and Data Flow Overview BlackBerry Enterprise Service 10 721-08877-123 Version: Quick Reference Published: 2013-11-28 SWD-20131128130321045 Contents Key components of BlackBerry Enterprise

More information

ipad in Business Security

ipad in Business Security ipad in Business Security Device protection Strong passcodes Passcode expiration Passcode reuse history Maximum failed attempts Over-the-air passcode enforcement Progressive passcode timeout Data security

More information

Configuration Guide. BlackBerry Enterprise Service 12. Version 12.0

Configuration Guide. BlackBerry Enterprise Service 12. Version 12.0 Configuration Guide BlackBerry Enterprise Service 12 Version 12.0 Published: 2014-12-19 SWD-20141219132902639 Contents Introduction... 7 About this guide...7 What is BES12?...7 Key features of BES12...

More information

Security Technical. Overview. BlackBerry Enterprise Server for Microsoft Exchange. Version: 5.0 Service Pack: 4

Security Technical. Overview. BlackBerry Enterprise Server for Microsoft Exchange. Version: 5.0 Service Pack: 4 BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 4 Security Technical Overview Published: 2014-01-17 SWD-20140117135425071 Contents 1 New in this release...10 2 Overview...

More information

Policy and Profile Reference Guide

Policy and Profile Reference Guide BlackBerry Enterprise Service 10 BlackBerry Device Service Version: 10.2 Policy and Profile Reference Guide Published: 2014-06-16 SWD-20140616165002982 Contents 1 About this guide... 10 2 New IT policy

More information

Deploying iphone and ipad Security Overview

Deploying iphone and ipad Security Overview Deploying iphone and ipad Security Overview ios, the operating system at the core of iphone and ipad, is built upon layers of security. This enables iphone and ipad to securely access corporate services

More information

BlackBerry Enterprise Server 5.0 SP3 and BlackBerry 7.1

BlackBerry Enterprise Server 5.0 SP3 and BlackBerry 7.1 BlackBerry Enterprise Server 5.0 SP3 and BlackBerry 7.1 Version: 5.0 Service Pack: 3 Security Technical Overview Published: 2012-01-17 SWD-1936256-0117012253-001 Contents 1 Document revision history...

More information

Configuration Guide BES12. Version 12.1

Configuration Guide BES12. Version 12.1 Configuration Guide BES12 Version 12.1 Published: 2015-04-22 SWD-20150422113638568 Contents Introduction... 7 About this guide...7 What is BES12?...7 Key features of BES12... 8 Product documentation...

More information

Security Guide. BES12 Cloud

Security Guide. BES12 Cloud Security Guide BES12 Cloud Published: 2015-08-20 SWD-20150812133927242 Contents Security features of BES12 Cloud...4 How BES12 Cloud protects data stored in BlackBerry data centers...4 How BES12 Cloud

More information

ClickShare Network Integration

ClickShare Network Integration ClickShare Network Integration Application note 1 Introduction ClickShare Network Integration aims at deploying ClickShare in larger organizations without interfering with the existing wireless network

More information

Configuration Guide BES12. Version 12.2

Configuration Guide BES12. Version 12.2 Configuration Guide BES12 Version 12.2 Published: 2015-07-07 SWD-20150630131852557 Contents About this guide... 8 Getting started... 9 Administrator permissions you need to configure BES12... 9 Obtaining

More information

iphone in Business Security Overview

iphone in Business Security Overview iphone in Business Security Overview iphone can securely access corporate services and protect data on the device. It provides strong encryption for data in transmission, proven authentication methods

More information

BlackBerry Enterprise Service 10. Version: 10.2. Configuration Guide

BlackBerry Enterprise Service 10. Version: 10.2. Configuration Guide BlackBerry Enterprise Service 10 Version: 10.2 Configuration Guide Published: 2015-02-27 SWD-20150227164548686 Contents 1 Introduction...7 About this guide...8 What is BlackBerry Enterprise Service 10?...9

More information

BlackBerry 10.3 Work and Personal Corporate

BlackBerry 10.3 Work and Personal Corporate GOV.UK Guidance BlackBerry 10.3 Work and Personal Corporate Published Contents 1. Usage scenario 2. Summary of platform security 3. How the platform can best satisfy the security recommendations 4. Network

More information

Policy and Profile Reference Guide. BES10 Cloud Market Preview

Policy and Profile Reference Guide. BES10 Cloud Market Preview Policy and Profile Reference Guide BES10 Cloud Market Preview Published: 2014-02-04 SWD-20140204170848330 Contents About this guide... 13 What is BES10 Cloud?... 13 Key features of BES10 Cloud...14 IT

More information

Configuration Guide BES12. Version 12.3

Configuration Guide BES12. Version 12.3 Configuration Guide BES12 Version 12.3 Published: 2016-01-19 SWD-20160119132230232 Contents About this guide... 7 Getting started... 8 Configuring BES12 for the first time...8 Configuration tasks for managing

More information

Security Guide. PRIV by BlackBerry

Security Guide. PRIV by BlackBerry Security Guide PRIV by BlackBerry Published: 2016-04-25 SWD-20160425114127770 Contents Introduction: Security and privacy, deep and wide...5 Device security: Layered defenses throughout the stack...6 Device

More information

BYOD Guidance: BlackBerry Secure Work Space

BYOD Guidance: BlackBerry Secure Work Space GOV.UK Guidance BYOD Guidance: BlackBerry Secure Work Space Published 17 February 2015 Contents 1. About this guidance 2. Summary of key risks 3. Secure Work Space components 4. Technical assessment 5.

More information

ClickShare Network Integration

ClickShare Network Integration ClickShare Network Integration Application note 1 Introduction ClickShare Network Integration aims at deploying ClickShare in larger organizations without interfering with the existing wireless network

More information

Troubleshooting BlackBerry Enterprise Service 10 version 10.1.1 726-08745-123. Instructor Manual

Troubleshooting BlackBerry Enterprise Service 10 version 10.1.1 726-08745-123. Instructor Manual Troubleshooting BlackBerry Enterprise Service 10 version 10.1.1 726-08745-123 Instructor Manual Published: 2013-07-02 SWD-20130702091645092 Contents Advance preparation...7 Required materials...7 Topics

More information

Installation and Administration Guide

Installation and Administration Guide Installation and Administration Guide BlackBerry Enterprise Transporter for BlackBerry Enterprise Service 12 Version 12.0 Published: 2014-11-06 SWD-20141106165936643 Contents What is BES12?... 6 Key features

More information

BlackBerry Business Cloud Services. Administration Guide

BlackBerry Business Cloud Services. Administration Guide BlackBerry Business Cloud Services Administration Guide Published: 2012-07-25 SWD-20120725193410416 Contents 1 About BlackBerry Business Cloud Services... 8 BlackBerry Business Cloud Services feature overview...

More information

Reference Guide. What's New in BES12 Cloud

Reference Guide. What's New in BES12 Cloud Reference Guide What's New in BES12 Cloud 711-60712-123 Published: 2016-06-20 SWD-20160620151902701 Contents What's new in BES12 Cloud...5 Supported features by device type... 5 Compatibility and requirements...11

More information

Salesforce1 Mobile Security Guide

Salesforce1 Mobile Security Guide Salesforce1 Mobile Security Guide Version 1, 1 @salesforcedocs Last updated: December 8, 2015 Copyright 2000 2015 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark of salesforce.com,

More information

BlackBerry Business Cloud Services. Policy Reference Guide

BlackBerry Business Cloud Services. Policy Reference Guide BlackBerry Business Cloud Services Policy Reference Guide Published: 2012-01-30 SWD-1710801-0125055002-001 Contents 1 IT policy rules... 5 Preconfigured IT policies... 5 Default for preconfigured IT policies...

More information

Administration Guide BES12. Version 12.3

Administration Guide BES12. Version 12.3 Administration Guide BES12 Version 12.3 Published: 2015-10-30 SWD-20151028105551254 Contents Introduction... 11 About this guide...12 How to use this guide... 13 Steps to administer BES12... 13 Examples

More information

BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0. Administration Guide

BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0. Administration Guide BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Administration Guide SWDT487521-635336-0528040852-001 Contents 1 Overview: BlackBerry Enterprise Server... 21 Getting started in your BlackBerry

More information

Licensing Guide BES12. Version 12.1

Licensing Guide BES12. Version 12.1 Licensing Guide BES12 Version 12.1 Published: 2015-04-02 SWD-20150402115554403 Contents Introduction... 5 About this guide...5 What is BES12?...5 Key features of BES12... 5 About licensing...7 Steps to

More information

BlackBerry 10.3 Work Space Only

BlackBerry 10.3 Work Space Only GOV.UK Guidance BlackBerry 10.3 Work Space Only Published Contents 1. Usage scenario 2. Summary of platform security 3. How the platform can best satisfy the security recommendations 4. Network architecture

More information

PUBLIC Secure Login for SAP Single Sign-On Implementation Guide

PUBLIC Secure Login for SAP Single Sign-On Implementation Guide SAP Single Sign-On 2.0 SP04 Document Version: 1.0-2014-10-28 PUBLIC Secure Login for SAP Single Sign-On Implementation Guide Table of Contents 1 What Is Secure Login?....8 1.1 System Overview.... 8 1.1.1

More information

Configuration Guide. BES12 Cloud

Configuration Guide. BES12 Cloud Configuration Guide BES12 Cloud Published: 2016-04-08 SWD-20160408113328879 Contents About this guide... 6 Getting started... 7 Configuring BES12 for the first time...7 Administrator permissions you need

More information

Corporate-level device management for BlackBerry, ios and Android

Corporate-level device management for BlackBerry, ios and Android B L A C K B E R R Y E N T E R P R I S E S E R V I C E 1 0 Corporate-level device management for BlackBerry, ios and Android Corporate-level (EMM) delivers comprehensive device management, security and

More information

Configuring Security Features of Session Recording

Configuring Security Features of Session Recording Configuring Security Features of Session Recording Summary This article provides information about the security features of Citrix Session Recording and outlines the process of configuring Session Recording

More information

802.1X Authentication

802.1X Authentication OS X 10.7.3 and ios 5.1 May 25, 2012 Contents About 802.1X... 3 Apple Product Compatibility with 802.1X... 7 Configuring 802.1X Settings... 10 Resources... 17 Appendix A: Payload Settings for 802.1X...

More information

BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 2. Administration Guide

BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 2. Administration Guide BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 2 Administration Guide Published: 2010-06-16 SWDT487521-1041691-0616023638-001 Contents 1 Overview: BlackBerry Enterprise

More information

Deploying iphone and ipad Virtual Private Networks

Deploying iphone and ipad Virtual Private Networks Deploying iphone and ipad Virtual Private Networks Secure access to private corporate networks is available on iphone and ipad using established industry-standard virtual private network (VPN) protocols.

More information

Cloud Services MDM. Telecom Management Admin Guide

Cloud Services MDM. Telecom Management Admin Guide Cloud Services MDM Telecom Management Admin Guide 10/24/2014 CONTENTS Telecom Management... 2 Enabling Telecom Setting... 2 Creating and Managing Telecom Plans... 3 Dynamic Assignment... 4 Dashboard Usage...

More information

Ensuring the security of your mobile business intelligence

Ensuring the security of your mobile business intelligence IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive

More information

New Security Features

New Security Features New Security Features BlackBerry 10 OS Version 10.3.1 Published: 2014-12-17 SWD-20141211141004210 Contents About this guide... 4 Advanced data at rest protection... 5 System requirements... 6 Managing

More information

BlackBerry Enterprise Service 10. Version: 10.2. Installation Guide

BlackBerry Enterprise Service 10. Version: 10.2. Installation Guide BlackBerry Enterprise Service 10 Version: 10.2 Installation Guide Published: 2015-08-17 SWD-20150817115607897 Contents 1 About this guide...5 2 What is BlackBerry Enterprise Service 10?... 6 Key features

More information

HIGH-SECURITY MOBILITY MANAGEMENT FROM BLACKBERRY

HIGH-SECURITY MOBILITY MANAGEMENT FROM BLACKBERRY GOLD EMM SUBSCRIPTIONS Experience the most secure mobility management solution with BES12 and Gold Enterprise Mobility Management (EMM) subscriptions. HIGH-SECURITY MOBILITY MANAGEMENT FROM BLACKBERRY

More information

HIGH-SECURITY MOBILITY MANAGEMENT FROM BLACKBERRY

HIGH-SECURITY MOBILITY MANAGEMENT FROM BLACKBERRY DATASHEET HIGH-SECURITY MOBILITY MANAGEMENT FROM BLACKBERRY Gold level EMM for BlackBerry Regulated-level security for BlackBerry 10 devices Ultimate security. BlackBerry 10 devices managed by BES10 with

More information

Introduction to the EIS Guide

Introduction to the EIS Guide Introduction to the EIS Guide The AirWatch Enterprise Integration Service (EIS) provides organizations the ability to securely integrate with back-end enterprise systems from either the AirWatch SaaS environment

More information

BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 2. Feature and Technical Overview

BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 2. Feature and Technical Overview BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 2 Feature and Technical Overview Published: 2010-06-16 SWDT305802-1108946-0615123042-001 Contents 1 Overview: BlackBerry Enterprise

More information

Introduction to Mobile Access Gateway Installation

Introduction to Mobile Access Gateway Installation Introduction to Mobile Access Gateway Installation This document describes the installation process for the Mobile Access Gateway (MAG), which is an enterprise integration component that provides a secure

More information

Chapter 17. Transport-Level Security

Chapter 17. Transport-Level Security Chapter 17 Transport-Level Security Web Security Considerations The World Wide Web is fundamentally a client/server application running over the Internet and TCP/IP intranets The following characteristics

More information

Windows Phone 8.1 in the Enterprise

Windows Phone 8.1 in the Enterprise Windows Phone 8.1 in the Enterprise Version 1.4 MobileIron 415 East Middlefield Road Mountain View, CA 94043 USA Tel. +1.650.919.8100 Fax +1.650.919.8006 info@mobileiron.com Introduction 3 Why Windows

More information

Feature and Technical

Feature and Technical BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 4 Feature and Technical Overview Published: 2013-11-07 SWD-20131107160132924 Contents 1 Document revision history...6 2 What's

More information

Case Study for Layer 3 Authentication and Encryption

Case Study for Layer 3 Authentication and Encryption CHAPTER 2 Case Study for Layer 3 Authentication and Encryption This chapter explains the basic tasks for configuring a multi-service, extranet Virtual Private Network (VPN) between a Cisco Secure VPN Client

More information

BlackBerry Desktop Software User Guide

BlackBerry Desktop Software User Guide BlackBerry Desktop Software User Guide Version: 2.4 SWD-1905381-0426093716-001 Contents Basics... 3 About the BlackBerry Desktop Software... 3 Set up your smartphone with the BlackBerry Desktop Software...

More information

FileCloud Security FAQ

FileCloud Security FAQ is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file

More information

Configuration Guide for RFMS 3.0 Initial Configuration. WiNG 5 How-To Guide. Digital Certificates. July 2011 Revision 1.0

Configuration Guide for RFMS 3.0 Initial Configuration. WiNG 5 How-To Guide. Digital Certificates. July 2011 Revision 1.0 Configuration Guide for RFMS 3.0 Initial Configuration XXX-XXXXXX-XX WiNG 5 How-To Guide Digital Certificates July 2011 Revision 1.0 MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark

More information

CS 356 Lecture 28 Internet Authentication. Spring 2013

CS 356 Lecture 28 Internet Authentication. Spring 2013 CS 356 Lecture 28 Internet Authentication Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists

More information

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 8 Authentication

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 8 Authentication Security+ Guide to Network Security Fundamentals, Third Edition Chapter 8 Authentication Objectives Define authentication Describe the different types of authentication credentials List and explain the

More information

SIMPLIFY MULTI-PLATFORM ENTERPRISE MOBILITY MANAGEMENT

SIMPLIFY MULTI-PLATFORM ENTERPRISE MOBILITY MANAGEMENT DATASHEET SIMPLIFY MULTI-PLATFORM ENTERPRISE MOBILITY MANAGEMENT Silver level EMM Enterprise Mobility Management for Corporate-owned and BYOD devices BlackBerry Enterprise Service 10 is a powerful device,

More information

7.1. Remote Access Connection

7.1. Remote Access Connection 7.1. Remote Access Connection When a client uses a dial up connection, it connects to the remote access server across the telephone system. Windows client and server operating systems use the Point to

More information

Authentication. Authentication in FortiOS. Single Sign-On (SSO)

Authentication. Authentication in FortiOS. Single Sign-On (SSO) Authentication FortiOS authentication identifies users through a variety of methods and, based on identity, allows or denies network access while applying any required additional security measures. Authentication

More information

Cisco Secure ACS. By Igor Koudashev, Systems Engineer, Cisco Systems Australia ivk@cisco.com. 2006 Cisco Systems, Inc. All rights reserved.

Cisco Secure ACS. By Igor Koudashev, Systems Engineer, Cisco Systems Australia ivk@cisco.com. 2006 Cisco Systems, Inc. All rights reserved. Cisco Secure ACS Overview By Igor Koudashev, Systems Engineer, Cisco Systems Australia ivk@cisco.com 2006 Cisco Systems, Inc. All rights reserved. 1 Cisco Secure Access Control System Policy Control and

More information

Technical Certificates Overview

Technical Certificates Overview Technical Certificates Overview Version 8.2 Mobile Service Manager Legal Notice This document, as well as all accompanying documents for this product, is published by Good Technology Corporation ( Good

More information

PowerChute TM Network Shutdown Security Features & Deployment

PowerChute TM Network Shutdown Security Features & Deployment PowerChute TM Network Shutdown Security Features & Deployment By David Grehan, Sarah Jane Hannon ABSTRACT PowerChute TM Network Shutdown (PowerChute) software works in conjunction with the UPS Network

More information

Security Considerations for DirectAccess Deployments. Whitepaper

Security Considerations for DirectAccess Deployments. Whitepaper Security Considerations for DirectAccess Deployments Whitepaper February 2015 This white paper discusses security planning for DirectAccess deployment. Introduction DirectAccess represents a paradigm shift

More information

BlackBerry Enterprise Service 10 version 10.2 preinstallation and preupgrade checklist

BlackBerry Enterprise Service 10 version 10.2 preinstallation and preupgrade checklist BlackBerry Enterprise Service version.2 preinstallation and preupgrade checklist Verify that the following requirements are met before you install or upgrade to BlackBerry Enterprise Service version.2.

More information

Certificate Management. PAN-OS Administrator s Guide. Version 7.0

Certificate Management. PAN-OS Administrator s Guide. Version 7.0 Certificate Management PAN-OS Administrator s Guide Version 7.0 Contact Information Corporate Headquarters: Palo Alto Networks 4401 Great America Parkway Santa Clara, CA 95054 www.paloaltonetworks.com/company/contact-us

More information

vcloud Director User's Guide

vcloud Director User's Guide vcloud Director 5.5 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of

More information

USER GUIDE WWPass Security for Email (Outlook) For WWPass Security Pack 2.4

USER GUIDE WWPass Security for Email (Outlook) For WWPass Security Pack 2.4 USER GUIDE WWPass Security for Email (Outlook) For WWPass Security Pack 2.4 March 2014 TABLE OF CONTENTS Chapter 1 Welcome... 4 Introducing WWPass Security for Email (Outlook)... 5 Supported Outlook Products...

More information

Step-by-step Guide for Configuring Cisco ACS server as the Radius with an External Windows Database

Step-by-step Guide for Configuring Cisco ACS server as the Radius with an External Windows Database Step-by-step Guide for Configuring Cisco ACS server as the Radius with an External Windows Database Table of Contents: INTRODUCTION:... 2 GETTING STARTED:... 3 STEP-1: INTERFACE CONFIGURATION... 4 STEP-2:

More information

Windows 2000 Security Architecture. Peter Brundrett Program Manager Windows 2000 Security Microsoft Corporation

Windows 2000 Security Architecture. Peter Brundrett Program Manager Windows 2000 Security Microsoft Corporation Windows 2000 Security Architecture Peter Brundrett Program Manager Windows 2000 Security Microsoft Corporation Topics Single Sign-on Kerberos v5 integration Active Directory security Delegation of authentication

More information

http://docs.trendmicro.com

http://docs.trendmicro.com Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice. Before installing and using the product, please review the readme files,

More information

Xperia TM Security. Read about how Xperia TM devices manage security in a corporate IT environment

Xperia TM Security. Read about how Xperia TM devices manage security in a corporate IT environment Xperia TM Security in Business Read about how Xperia TM devices manage security in a corporate IT environment System security Secure storage Network security Device security Digital certificates June 2015

More information

3. Broken Account and Session Management. 4. Cross-Site Scripting (XSS) Flaws. Web browsers execute code sent from websites. Account Management

3. Broken Account and Session Management. 4. Cross-Site Scripting (XSS) Flaws. Web browsers execute code sent from websites. Account Management What is an? s Ten Most Critical Web Application Security Vulnerabilities Anthony LAI, CISSP, CISA Chapter Leader (Hong Kong) anthonylai@owasp.org Open Web Application Security Project http://www.owasp.org

More information

Release Notes. NCP Secure Entry Mac Client. Major Release 2.01 Build 47 May 2011. 1. New Features and Enhancements. Tip of the Day

Release Notes. NCP Secure Entry Mac Client. Major Release 2.01 Build 47 May 2011. 1. New Features and Enhancements. Tip of the Day NCP Secure Entry Mac Client Major Release 2.01 Build 47 May 2011 1. New Features and Enhancements Tip of the Day A Tip of the Day field for configuration tips and application examples is incorporated in

More information

Mobile Admin Security

Mobile Admin Security Mobile Admin Security Introduction Mobile Admin is an enterprise-ready IT Management solution that generates significant cost savings by dramatically increasing the responsiveness of IT organizations facing

More information

Sync Security and Privacy Brief

Sync Security and Privacy Brief Introduction Security and privacy are two of the leading issues for users when transferring important files. Keeping data on-premises makes business and IT leaders feel more secure, but comes with technical

More information

ERNW Newsletter 36 / October 2011. Certificate Based Device Authentication with ios Devices

ERNW Newsletter 36 / October 2011. Certificate Based Device Authentication with ios Devices ERNW Newsletter 36 / October 2011 Certificate Based Device Authentication with ios Devices Version: 1.0 Date: 5 Oct 2011 Author: Rene Graf (rgraf@ernw.de) Table of contents 1 INTRODUCTION... 3 2 BACKGROUND

More information

Kaspersky Security for Mobile Administrator's Guide

Kaspersky Security for Mobile Administrator's Guide Kaspersky Security for Mobile Administrator's Guide APPLICATION VERSION: 10.0 SERVICE PACK 1 Dear User, Thank you for choosing our product. We hope that you will find this documentation useful and that

More information

DRAFT Standard Statement Encryption

DRAFT Standard Statement Encryption DRAFT Standard Statement Encryption Title: Encryption Standard Document Number: SS-70-006 Effective Date: x/x/2010 Published by: Department of Information Systems 1. Purpose Sensitive information held

More information

USING ENCRYPTION TO PROTECT SENSITIVE INFORMATION Commonwealth Office of Technology Security Month Seminars October 29, 2013

USING ENCRYPTION TO PROTECT SENSITIVE INFORMATION Commonwealth Office of Technology Security Month Seminars October 29, 2013 USING ENCRYPTION TO PROTECT SENSITIVE INFORMATION Commonwealth Office of Technology Security Month Seminars Alternate Title? Boy, am I surprised. The Entrust guy who has mentioned PKI during every Security

More information

Getting Started Guide

Getting Started Guide BlackBerry Web Services For Microsoft.NET developers Version: 10.2 Getting Started Guide Published: 2013-12-02 SWD-20131202165812789 Contents 1 Overview: BlackBerry Enterprise Service 10... 5 2 Overview:

More information

SENSE Security overview 2014

SENSE Security overview 2014 SENSE Security overview 2014 Abstract... 3 Overview... 4 Installation... 6 Device Control... 7 Enrolment Process... 8 Authentication... 9 Network Protection... 12 Local Storage... 13 Conclusion... 15 2

More information

Security Overview Enterprise-Class Secure Mobile File Sharing

Security Overview Enterprise-Class Secure Mobile File Sharing Security Overview Enterprise-Class Secure Mobile File Sharing Accellion, Inc. 1 Overview 3 End to End Security 4 File Sharing Security Features 5 Storage 7 Encryption 8 Audit Trail 9 Accellion Public Cloud

More information

Ensuring the security of your mobile business intelligence

Ensuring the security of your mobile business intelligence IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive

More information

Zenprise Device Manager 6.1.5

Zenprise Device Manager 6.1.5 Zenprise Device Manager 6.1.5 CLIENT GUIDE Rev 6.1.50 Introduction 2 ZENPRISE DEVICE MANAGER 6.1 CLIENT GUIDE 2011 Zenprise, Inc. All rights reserved. This manual, as well as the software described in

More information

The Importance of Wireless Security

The Importance of Wireless Security The Importance of Wireless Security Because of the increasing popularity of wireless networks, there is an increasing need for security. This is because unlike wired networks, wireless networks can be

More information

TIBCO Spotfire Platform IT Brief

TIBCO Spotfire Platform IT Brief Platform IT Brief This IT brief outlines features of the system: Communication security, load balancing and failover, authentication options, and recommended practices for licenses and access. It primarily

More information

RELEASE NOTES. Table of Contents. Scope of the Document. [Latest Official] ADYTON Release 2.12.9 - corrections. ADYTON Release 2.12.

RELEASE NOTES. Table of Contents. Scope of the Document. [Latest Official] ADYTON Release 2.12.9 - corrections. ADYTON Release 2.12. Table of Contents Scope of the Document... 1 [Latest Official] ADYTON Release 2.12.9... 1 ADYTON Release 2.12.4... 1 ADYTON Release 2.9.3... 3 ADYTON Release 2.7.7... 3 ADYTON Release 2.6.2... 4 ADYTON

More information

A Guide to New Features in Propalms OneGate 4.0

A Guide to New Features in Propalms OneGate 4.0 A Guide to New Features in Propalms OneGate 4.0 Propalms Ltd. Published April 2013 Overview This document covers the new features, enhancements and changes introduced in Propalms OneGate 4.0 Server (previously

More information

BlackBerry Enterprise Server for Microsoft Exchange Version: 4.1 Service Pack: 7. Administration Guide

BlackBerry Enterprise Server for Microsoft Exchange Version: 4.1 Service Pack: 7. Administration Guide BlackBerry Enterprise Server for Microsoft Exchange Version: 4.1 Service Pack: 7 Administration Guide Published: 2009-11-9 SWD-907816-1109013225-001 Contents 1 Creating administrator accounts... 13 Administrative

More information

APPENDIX B1 - FUNCTIONALITY AND INTEGRATION REQUIREMENTS RESPONSE FORM FOR A COUNTY HOSTED SOLUTION

APPENDIX B1 - FUNCTIONALITY AND INTEGRATION REQUIREMENTS RESPONSE FORM FOR A COUNTY HOSTED SOLUTION APPENDIX B1 - FUNCTIONALITY AND INTEGRATION REQUIREMENTS RESPONSE FORM FOR A COUNTY HOSTED SOLUTION Response Code: Offeror should place the appropriate letter designation in the Availability column according

More information

Installation and Configuration Guide

Installation and Configuration Guide Entrust Managed Services PKI Auto-enrollment Server 7.0 Installation and Configuration Guide Document issue: 1.0 Date of Issue: July 2009 Copyright 2009 Entrust. All rights reserved. Entrust is a trademark

More information

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 12 Applying Cryptography

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 12 Applying Cryptography Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography Objectives Define digital certificates List the various types of digital certificates and how they are used

More information

Cisco Secure Access Control Server 4.2 for Windows

Cisco Secure Access Control Server 4.2 for Windows Cisco Secure Access Control Server 4.2 for Windows Overview Q. What is Cisco Secure Access Control Server (ACS)? A. Cisco Secure ACS is a highly scalable, high-performance access control server that operates

More information

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security? 7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk

More information