UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The Device Transport Key must be configured on the BES for AES encryption.


Overview

Finding ID Version Rule ID IA Controls Severity
V-11877 WIR1330-01 SV-12377r2_rule ECSC-1 Low
Description
AES encryption provides a higher level of security for BlackBerry data.
STIG Date
BlackBerry Enterprise Server (version 5.x), Part 2 Security Technical Implementation Guide 2014-10-08

Details

Check Text ( C-26018r2_chk )
Work with the BlackBerry SA to view the BES configuration setting. In the Supported Encryption Algorithms section, verify that "AES" or "Triple DES and AES" is selected.

-BAS > Server and components menu > BlackBerry solution topology > BlackBerry Server.
-Click on a server instance.
-Check Encryption Algorithm setting. Verify the setting is correct.

Note: The following BlackBerry devices have BlackBerry Handheld Software versions earlier than 4.0, which uses 3DES encryption instead of AES: 5820, 5810, 5790, 957, 950, 857, and 850. These older BlackBerry devices should not be used in the DoD since they cannot support some required BlackBerry security features.
Fix Text (F-23377r1_fix)
The Device Transport Key will be configured on the BES for AES encryption.