Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-48513 | BBDS-00-000132 | SV-61385r1_rule | Medium |
Description |
---|
Cryptography is only as strong as the encryption modules/algorithms that are employed to encrypt the data. Strong encryption must be used to protect the integrity and confidentiality of the data. In this case the requirement states that S/MIME must utilize a 3DES or AES encryption algorithm. |
STIG | Date |
---|---|
BlackBerry Enterprise Service v10.2.x BlackBerry Device Service STIG | 2014-07-02 |
Check Text ( C-50849r1_chk ) |
---|
Review the BlackBerry Device Service server policy configuration to determine whether the encryption algorithms used to encrypt S/MIME protected email messages are 3DES or AES256. If there are multiple policies, they must all be reviewed. Otherwise, this is a finding. |
Fix Text (F-52119r1_fix) |
---|
Configure the centrally managed BlackBerry Device Service server policy rule to enforce the email client S/MIME encryption algorithm to be 3DES or AES256 via centrally managed policy. Log into BlackBerry Administration Service, and under "BlackBerry solution management" on the left side of the screen, navigate to "Profiles > Manage email profiles > |