by Al Sacco, CIO.com - BlackBerry has gained a reputation in the mobile space during the past decade or so as the "most secure" handheld device and mobile platform available. That's largely due to RIM's BlackBerry Enterprise Server (BES) software for corporate e-mail deployments, which has earned high-level security certifications from some of the world's most demanding information-security organizations, including the U.S. National Institute of Standards and Technology (NIST); Canada's Communication Security Establishment (CSE); and the U.K.'s Communications Electronic Security Group (CESG), among others.
That's all fine and good for corporations looking to secure infrastructure and resources associated with their BlackBerry deployments. But no amount of security certifications can make up for an uninformed and/or careless BlackBerry user.
That's why, as a BlackBerry smartphone owner, you need to do your part to keep your device, and all the information on it, secure; whether you're a corporate BlackBerry user on a BES or a BlackBerry Internet Service (BIS) customer, you can manage a number of quick and easy security safeguards on your own...and you'd be wise to do so if you'd prefer that personal and/or sensitive data on your device remains "for your eyes only."
Here's a detailed list of five tips you can use to reinforce your BlackBerry smartphone's security protections -- and perhaps reduce future headaches associated with a lost or stolen BlackBerry.
1) Password, Password, Password...One More Time: Password
If your corporate BlackBerry administrator doesn't enforce a password policy on your device or you're a consumer BlackBerry user on BIS, the very first thing you should do with your smartphone is enable password-protection. This is probably the single most important--and effective--BlackBerry security tip that anyone can offer you.
After all, there's little an average perpetrator can do with a locked-down BlackBerry, besides erase its contents.
To enable a new password for your BlackBerry smartphone, simply open your BlackBerry Options menu, then scroll down to and click the word Password. On the following screen, select the Password field and then enable the option via the corresponding pop-up box.
From there, hit your BlackBerry Escape key--located directly to the right of your track ball or trackpad--save your changes when prompted and then enter your new BlackBerry password. After typing the new password once, you'll be prompted to confirm your selection. Verify the password by typing it again, and your BlackBerry will be properly locked down. Just type your password again to unlock the device.
Employing a password that's easy to guess and/or determine defeats the purpose of password-protecting your device; pick a random password that isn't the word "password" or your birthday, etc. (Your BlackBerry password must be at least four characters.) And don't store that password anywhere on your BlackBerry, unless it's in the built-in password keeper app--more on that in a minute.
After enabling a BlackBerry password, you gain access to a number of related security options on the same screen. For instance, you can specify the number of failed password attempts you'd like to permit before your device locks itself down; you can pick a Security Timeout period for how long your device should remain unlocked before enabling the password; and you can choose to require a password whenever new applications are installed, to prevent apps from being installed without your knowledge.
2) Encrypt BlackBerry Device Data
Another way to help protect your BlackBerry device and the information stored within it is by encrypting your smartphone data. You can encrypt data stored on your device and/or your microSD media card. Doing so "scrambles" the information so it can't be transferred and interpreted if your device falls into the wrong hands or gets hacked.
To enable encryption on your BlackBerry, again open up your BlackBerry Options menu, scroll down to Security Options and on the following screen, choose Encryption. Then, open up the Encryption menu on the next screen and pick Enabled.
As soon as you enable the BlackBerry encryption option, a number of additional choices appear on the same screen, to let you customize your device encryption. For example, you can set your device/memory card encryption strength (strong, stronger and strongest) and fully encrypt your device memory, including contacts and media files. Or, you can choose to encrypt only your media card, so it cannot be removed and then inserted into another device to access stored information.
After enabling encryption, you may be prompted to tap BlackBerry keys to "generate random information for the new content key pair." This process is used to generate a new, random encryption key that'll help ensure your device and/or media card remain protected. Simply tap your BlackBerry keyboard until you're returned to the Security Options page.
(Note: You may see some performance degradation after enabling device-memory encryption, especially if you choose the "strongest" setting, i.e., your BlackBerry may slow down a bit. So depending on your security needs, it could be a good idea to begin with the lowest encryption setting to see how it affects your handheld.)
3) Locking Down BlackBerry Bluetooth Security
All new BlackBerry devices have Bluetooth radios for connecting wirelessly to calling- and media-accessories, as well as for small-file transfers. Bluetooth can be invaluable to BlackBerry users, but it should be employed securely. For example, you can enable a number of Bluetooth options to secure connections to accessories and devices, as well as ensure you only connect to the desired gadgets.
To access your Bluetooth options, turn your Bluetooth radio on by opening the BlackBerry Manage Connections menu and checking the box next to Bluetooth. Next, while still on the Manage Connections screen, scroll down to and pick Bluetooth Options.
The following screen shows a variety of Bluetooth options, some are which are security-oriented. First, you'll see an option labeled Discoverable. This option lets you determine whether or not you want your BlackBerry to show up when nearby users search for Bluetooth enabled devices. If you set the option to No, others will not be able to pair or connect with you via Bluetooth; you'll have to manually add them if you wish to connect. If you choose the Yes option, anyone with a Bluetooth device in range will see your BlackBerry if they scan for nearby gadgets. And the third option, 2 Minutes means your device will be viewable to others scanning for Bluetooth devices for only two minutes after you make the change.
Setting BlackBerry Bluetooth discoverability to No is probably the most secure option, because no one will be able to connect to your device via Bluetooth. But I often use the 2 Minutes option, as well, to let other, known parties quickly connect to my device.
On the same screen, you can choose to allow or deny outgoing calls via Bluetooth--I use the "Always" option, because I frequently place hands-free calls via Bluetooth, with my device both locked and unlocked. You can also enable or disable your Bluetooth contact-transfer option, which allows you to quickly transfer BlackBerry contacts via Bluetooth. And there's a Security Level that lets you choose either High or High + Encryption to protect data sent and/or received via Bluetooth--the latter option scrambles data transferred via Bluetooth.
Finally, you can pick and choose which services you want to enable Bluetooth for--headset, hands-free, dial-up networking, etc.--to reduce possible security threats. So, for example, if you never use your device for wireless tethering, you could uncheck the Dial-Up Networking option.
4) Protect Passwords and Other Sensitive On-Device Data
It may be tempting to store password, payment card information or other login data on your BlackBerry, but there are right and wrong ways to do so. The wrong way is to simply store such information in saved BlackBerry e-mail messages, to-do items or notes, without any sort of protection. If your device falls into the wrong hands, a hacker could potentially search your inbox or message list for the terms "Visa," "Master Card" etc., in hopes of locating financial information that could lead to cash.
But if you protect all your passwords and/or sensitive information using something like RIM's built-in Password Keeper app, potential baddies looking for personal data would have to find not only a way into your device, but also a way to crack your password keeper.
To employ Password Keeper, simply open up the app--it ships with all new BlackBerrys--and create a password to protect all your other passwords. Obviously, this master password should be difficult to guess. Then simply hit your BlackBerry Menu key--to the left of the trackball/trackpad--and choose New to create a new password item. You'll be prompted for a Title, Username, Password, a Website and Notes, but you can use any of the fields to store whatever information you wish.
You may also want to check out RIM's BlackBerry Wallet, which is designed to securely store payment information.
After storing information in either RIM's Password Keeper or BlackBerry Wallet, you simply open up the apps and enter your master passwords to access your sensitive data in the future.
5) Parting With Your Device? Make Sure It's Wiped
Whether you've upgraded to a new model, traded handhelds with a friend or colleague, or misplaced your BlackBerry, if you part with your device for any significant period of time, you should "wipe" it clean to ensure no sensitive information is lost.
Obviously, if you've lost or misplaced your device, or--gulp!--it was stolen, you can't wipe it on your own. But if you're on a corporate BES or BES Express, you can still have your BlackBerry administrator remotely wipe your device clean, assuming it's still connected to your organization's BlackBerry Server.
And it's best not to waste time; if you suspect your device has been nabbed, tell your BlackBerry administrator immediately, even if you think you may be able to find it. Mistakes happen and your admin should understand. Even if you locate the device in the future, it's safer to wipe it clean and simply restore your data from a backup, than take a chance of someone hacking your personal information. (You are backing up your BlackBerry regularly, right?)
If you're trading your device with a colleague or upgrading and sending off the device to Cell Phones for Soldiers or some equally deserving organization, you'll want to wipe your BlackBerry yourself before parting with it. The process is a simple one, and I recently wrote up a detailed tutorial, so I won't take up any more space here. Jump on over to "How to Wipe Your BlackBerry Clean, Restore Factory Settings" for additional information.