BlackBerry Web Desktop Manager must be configured to permit users to activate new BlackBerry devices only.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-25431 | WIR1365-03 | SV-31617r3_rule | Medium |
| Description |
|---|
| The overall security posture of the BlackBerry system is dependent on strict configuration management controls, including ensuring only authorized BlackBerry devices are being used and authorized devices are provisioned as required. When this configuration is not set as required, users may have the capability to activate unauthorized BlackBerry devices. |
| STIG | Date |
|---|---|
| BlackBerry Enterprise Server (version 5.x), Part 2 Security Technical Implementation Guide | 2016-09-08 |
Details
| Check Text ( C-31958r3_chk ) |
|---|
| Verify the BAS has been configured to permit users to activate new BlackBerry devices only. BAS >> Servers and components >> BlackBerry solution topology >> BlackBerry Domain >> Components view >> BlackBerry Administration service Select the "BlackBerry Web Desktop Manager Information" tab. Verify "Allow user wireline activation" has been set to "Activate Unused PINs only". If not set as required, this is a finding. |
| Fix Text (F-28377r2_fix) |
|---|
| BlackBerry Administration Service is configured to permit users to activate new BlackBerry devices only via BWDM. |