UCF STIG Viewer Logo

The Device Transport Key must be configured on the BES for AES encryption.


Overview

Finding ID Version Rule ID IA Controls Severity
V-11877 WIR1330-01 SV-12377r2_rule ECSC-1 Low
Description
AES encryption provides a higher level of security for BlackBerry data.
STIG Date
BlackBerry Enterprise Server, Part 2 Security Technical Implementation Guide 2012-10-01

Details

Check Text ( C-26018r2_chk )
Work with the BlackBerry SA to view the BES configuration setting. In the Supported Encryption Algorithms section, verify that "AES" or "Triple DES and AES" is selected.

-BAS > Server and components menu > BlackBerry solution topology > BlackBerry Server.
-Click on a server instance.
-Check Encryption Algorithm setting. Verify the setting is correct.

Note: The following BlackBerry devices have BlackBerry Handheld Software versions earlier than 4.0, which uses 3DES encryption instead of AES: 5820, 5810, 5790, 957, 950, 857, and 850. These older BlackBerry devices should not be used in the DoD since they cannot support some required BlackBerry security features.
Fix Text (F-23377r1_fix)
The Device Transport Key will be configured on the BES for AES encryption.