The Device Transport Key will be configured on the BES for AES encryption.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-11877 | WIR1330-01 | SV-12377r9_rule | ECSC-1 | Low |
| Description |
|---|
| AES encryption provides a higher level of security for BlackBerry data. |
| STIG | Date |
|---|---|
| BlackBerry Enterprise Server, Part 2 Security Technical Implementation Guide | 2011-07-14 |
Details
| Check Text ( C-26018r3_chk ) |
|---|
| Work with the BlackBerry SA to view the BES configuration setting. In the Supported Encryption Algorithms section, verify that "AES" or "Triple DES and AES" is selected. For BES 5.0 -BAS > Server and components menu > BlackBerry solution topology > BlackBerry Server. -Click on a server instance . -Check Encryption Algorithm setting. Verify the setting is correct. For BES 4.1.x In BlackBerry Manager, click on a BES to review. - Select the Server Configuration tab. - Click on Edit Properties. - Click on General in Properties list. - Check Encryption Algorithm setting. Verify the setting is correct. Note: The following BlackBerry devices have BlackBerry Handheld Software versions earlier than 4.0, which uses 3DES encryption instead of AES: 5820, 5810, 5790, 957, 950, 857, and 850. These older BlackBerry devices should not be used in the DoD since they cannot support some required BlackBerry security features. |
| Fix Text (F-23377r2_fix) |
|---|
| The Device Transport Key will be configured on the BES for AES encryption. |