UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The Blackberry Administration Service must be configured to disable a user from creating an activation password via BWDM. This requirement applies only to BES 5.x.


Overview

Finding ID Version Rule ID IA Controls Severity
V-22165 WIR1365-01 SV-25765r2_rule ECWN-1 Low
Description
The overall security posture of the Blackberry system is dependent on strict configuration management controls, including ensuring only authorized Blackberry devices are being used and authorized devices are provisioned as required. When this configuration is not set as required, users may have the capability to activate unauthorized BlackBerry devices.
STIG Date
BlackBerry Enterprise Server, Part 2 Security Technical Implementation Guide 2011-04-11

Details

Check Text ( C-27175r1_chk )
Verify the BAS has been configured to disable users from creating activation passwords.

-BAS > Servers and components > Blackberry solution topology > BlackBerry Domain > Components view > Blackberry Administration service

-Select the BlackBerry Web Desktop Manager information tab.

-Verify “Allow user self-activation wirelessly” is set to No.

Mark as a finding if not set as required.
Fix Text (F-23385r1_fix)
The Blackberry Administration Service is configured to disable a user from creating an activation password via BWDM.