BlackBerry Web Desktop Manager must be configured to disable a users capability to perform a user-initiated backup or restore.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-48579 | BBDS-00-000286 | SV-61455r1_rule | Low |
| Description |
|---|
| The overall security posture of the BlackBerry system is dependent on strict configuration management controls, including ensuring only authorized BlackBerry devices are being used and authorized devices are provisioned as required. When these configurations are not set as required, users may have the capability to activate unauthorized BlackBerry devices. |
| STIG | Date |
|---|---|
| BlackBerry Enterprise Service v10.2.x BlackBerry Device Service STIG | 2015-07-23 |
Details
| Check Text ( C-50905r1_chk ) |
|---|
| Review the BlackBerry Device Service server policy configuration to determine whether a user initiated backup or restore of the Work Space of a managed mobile device has been disabled. If there are multiple policies, they must all be reviewed. Otherwise, this is a finding. |
| Fix Text (F-52259r1_fix) |
|---|
| Configure the centrally managed BlackBerry Device Service server policy rule to disallow a user initiated backup or restore of the Work Space of a managed mobile device. For BlackBerry Balance (Corporate and Regulated) devices, log into BlackBerry Administration Service, and under "BlackBerry solution management" on the left side of the screen, navigate to "Policy > Manage IT policies > For Work Space only devices, log into BlackBerry Administration Service, and under "BlackBerry solution management" on the left side of the screen, navigate to "Policy > Manage IT policies > |