|
|
|
04-25-2008, 12:24 PM
|
#21
|
Wireless Sith Lord
Join Date: Jan 2007
Location: Online
Model: iOS 6
Carrier: Verizon x2
Posts: 1,458
|
Please Login to Remove!
Quote:
Originally Posted by penguin3107
Jeez... that's a bit drastic.
I think you're making too much work for yourself.
Just wipe the data and reactivate it for a new user.
|
Nah... JL_CMDR is my friend. LOL
__________________
DarthBBerry
6-Time BlackBerry World Champion (2007-2012)
BlackBerry® Certified Support Specialist v5.0
BlackBerry® Certified System Administrator v5.0
|
Offline
|
|
04-25-2008, 12:25 PM
|
#22
|
iPhone Convert
Join Date: Oct 2005
Location: Tulip City - MI
Model: iP5
OS: 6.0.2
PIN: to beans
Carrier: I'm not
Posts: 13,878
|
Quote:
Originally Posted by DarthBBerry
By the time I get a device back from the user, it's an older one with an older OS. Refresh, refurb and sanitized wipe later... it's good as new.
|
Yea, that I can understand. Although, in my case it's REALLY hard to upgrade the OS on a Nextel 7520 or 7100i since there isn't any newer software
However, if I get newer devices back (like the Sprint 8830's) I don't wipe the OS, just do a security wipe and toss it in a drawer for the next person.
__________________
No longer a BES Admin, but it was fun while it lasted!
|
Offline
|
|
04-25-2008, 12:37 PM
|
#23
|
Retired BBF Moderator
Join Date: Aug 2005
Model: 9000
OS: 4.6.0.xxx
Carrier: AT&T
Posts: 10,149
|
wiping a device is not something that is done accidentally in *most* cases. Its the user forgot their password and instead of calling in and saying "can you reset my password for me" (which you can do) they keep trying, typing blackberry not once, but twice before the device resets.
|
Offline
|
|
04-25-2008, 12:47 PM
|
#24
|
Talking BlackBerry Encyclopedia
Join Date: Oct 2007
Model: 8830
PIN: N/A
Carrier: Sprint, Alltel
Posts: 262
|
Quote:
Originally Posted by Sith_Apprentice
wiping a device is not something that is done accidentally in *most* cases. Its the user forgot their password and instead of calling in and saying "can you reset my password for me" (which you can do) they keep trying, typing blackberry not once, but twice before the device resets.
|
You can reset the password without error only if content protection is not on.
|
Offline
|
|
04-25-2008, 12:49 PM
|
#25
|
New Member
Join Date: Jul 2007
Location: In a van down by the river.
Model: NOTE2
OS: 4.1
PIN: <- Where do I find this?
Carrier: Sprint
Posts: 15,104
|
Quote:
Originally Posted by scott_perry
You can reset the password without error only if content protection is not on.
|
Only if you are aware of there being an issue. If the user never contacts you, then they are SOL.
|
Offline
|
|
04-25-2008, 01:05 PM
|
#26
|
Retired BBF Moderator
Join Date: Aug 2005
Model: 9000
OS: 4.6.0.xxx
Carrier: AT&T
Posts: 10,149
|
the new OS and new BES 4.1.5 fix the content protection issue. Or at least have for me.
|
Offline
|
|
04-25-2008, 01:11 PM
|
#27
|
Wireless Sith Lord
Join Date: Jan 2007
Location: Online
Model: iOS 6
Carrier: Verizon x2
Posts: 1,458
|
The main problem I see with the end user giving themselves a new password is accessing the Setup Wizard. NONE of them ever see this as all devices come through me first. I do the setup for them and hide the Wizard icon after wireless OTA synch.
Methinks that iffin I implement an IT policy with password protection enabled, I'm gonna get a LOT busier resetting devices with forgotten passwords!
__________________
DarthBBerry
6-Time BlackBerry World Champion (2007-2012)
BlackBerry® Certified Support Specialist v5.0
BlackBerry® Certified System Administrator v5.0
|
Offline
|
|
04-25-2008, 01:14 PM
|
#28
|
iPhone Convert
Join Date: Oct 2005
Location: Tulip City - MI
Model: iP5
OS: 6.0.2
PIN: to beans
Carrier: I'm not
Posts: 13,878
|
Are you saying you don't enforce a password on any of your devices?? EEK!
__________________
No longer a BES Admin, but it was fun while it lasted!
|
Offline
|
|
04-25-2008, 01:19 PM
|
#29
|
Wireless Sith Lord
Join Date: Jan 2007
Location: Online
Model: iOS 6
Carrier: Verizon x2
Posts: 1,458
|
Not presently. It's kinda up to the end user. But we're changing out corporate outlook.
__________________
DarthBBerry
6-Time BlackBerry World Champion (2007-2012)
BlackBerry® Certified Support Specialist v5.0
BlackBerry® Certified System Administrator v5.0
|
Offline
|
|
04-25-2008, 01:22 PM
|
#30
|
Retired BBF Moderator
Join Date: Aug 2005
Model: 9000
OS: 4.6.0.xxx
Carrier: AT&T
Posts: 10,149
|
must not have anything on the devices you want to hide then. any lost BB means that anyone can get any information they want until the device is wiped.
|
Offline
|
|
04-25-2008, 01:25 PM
|
#31
|
Wireless Sith Lord
Join Date: Jan 2007
Location: Online
Model: iOS 6
Carrier: Verizon x2
Posts: 1,458
|
Quote:
Originally Posted by Sith_Apprentice
must not have anything on the devices you want to hide then. any lost BB means that anyone can get any information they want until the device is wiped.
|
Most of my users call me when they lose their device; usually within 12 hours or less. Then it's a matter of [Click and Lock] from BES. We're looking at alternative options as more secure data is being stored on them.
__________________
DarthBBerry
6-Time BlackBerry World Champion (2007-2012)
BlackBerry® Certified Support Specialist v5.0
BlackBerry® Certified System Administrator v5.0
|
Offline
|
|
04-25-2008, 01:26 PM
|
#32
|
Retired BBF Moderator
Join Date: Aug 2005
Model: 9000
OS: 4.6.0.xxx
Carrier: AT&T
Posts: 10,149
|
force a password on the device. and 12 hours is a LONG time to get anything off an unprotected device. heck, they could backup the device. wipe it to get rid of the BES connection, then just restore the information on it, and there would be nothing you could do about it. if you force a password, and have a timeout of say 10min (also lock when holstered), then that is considerably more secure.
On select users on my BES i force a password, and 5 minutes of inactivity causes the device to lock. you could also set it so that it will prompt for the password even when you are using the device, and if the user fails to type in the password prompt it locks the device. (this is a bit overboard IMO, but works)
Last edited by Sith_Apprentice; 04-25-2008 at 01:28 PM..
|
Offline
|
|
04-25-2008, 01:33 PM
|
#33
|
Wireless Sith Lord
Join Date: Jan 2007
Location: Online
Model: iOS 6
Carrier: Verizon x2
Posts: 1,458
|
Quote:
Originally Posted by Sith_Apprentice
force a password on the device. and 12 hours is a LONG time to get anything off an unprotected device. heck, they could backup the device. wipe it to get rid of the BES connection, then just restore the information on it, and there would be nothing you could do about it. if you force a password, and have a timeout of say 10min (also lock when holstered), then that is considerably more secure.
On select users on my BES i force a password, and 5 minutes of inactivity causes the device to lock. you could also set it so that it will prompt for the password even when you are using the device, and if the user fails to type in the password prompt it locks the device. (this is a bit overboard IMO, but works)
|
I also remove the USB cable and desktop software before deployment.
__________________
DarthBBerry
6-Time BlackBerry World Champion (2007-2012)
BlackBerry® Certified Support Specialist v5.0
BlackBerry® Certified System Administrator v5.0
|
Offline
|
|
04-25-2008, 01:44 PM
|
#34
|
Retired BBF Moderator
Join Date: Aug 2005
Model: 9000
OS: 4.6.0.xxx
Carrier: AT&T
Posts: 10,149
|
those can be picked up anywhere. software is a free download, and the USB cable is a universal cable used for many digital cameras.
|
Offline
|
|
04-25-2008, 01:56 PM
|
#35
|
Wireless Sith Lord
Join Date: Jan 2007
Location: Online
Model: iOS 6
Carrier: Verizon x2
Posts: 1,458
|
Quote:
Originally Posted by Sith_Apprentice
those can be picked up anywhere. software is a free download, and the USB cable is a universal cable used for many digital cameras.
|
Not wanting to put them down... but most of my users arent smart enough to figure that out. If it's not in the box, then it doesnt exist for them.
__________________
DarthBBerry
6-Time BlackBerry World Champion (2007-2012)
BlackBerry® Certified Support Specialist v5.0
BlackBerry® Certified System Administrator v5.0
|
Offline
|
|
04-25-2008, 02:26 PM
|
#36
|
Talking BlackBerry Encyclopedia
Join Date: Oct 2007
Model: 8830
PIN: N/A
Carrier: Sprint, Alltel
Posts: 262
|
I don't think sith is concerned about your users, but rather, the person who took/found the device after your user lost it.
|
Offline
|
|
04-25-2008, 02:35 PM
|
#37
|
Wireless Sith Lord
Join Date: Jan 2007
Location: Online
Model: iOS 6
Carrier: Verizon x2
Posts: 1,458
|
Quote:
Originally Posted by scott_perry
I don't think sith is concerned about your users, but rather, the person who took/found the device after your user lost it.
|
If thats the case, the BES push to lock and erase is the first step. Then I call the service provider's TSupport and suspend service to the line.
Mua-ha-ha! The Overlord strikes again!
__________________
DarthBBerry
6-Time BlackBerry World Champion (2007-2012)
BlackBerry® Certified Support Specialist v5.0
BlackBerry® Certified System Administrator v5.0
|
Offline
|
|
04-25-2008, 02:38 PM
|
#38
|
BlackBerry God
Join Date: Jan 2005
Model: iOS 5
Carrier: VZW
Posts: 11,701
|
Quote:
Originally Posted by DarthBBerry
If thats the case, the BES push to lock and erase is the first step. Then I call the service provider's TSupport and suspend service to the line.
Mua-ha-ha! The Overlord strikes again!
|
You're missing the point, DarthBBerry.
You said it can take up to 12 hours for you to be notified of a missing device.
Heck, a BB savvy person can own the device in a few minutes if they wanted to.
In that time, the person who took the device has probably already stolen the data from it, wiped it out, and made it their own. You can send all the lock/kill commands you want from the BES, but they're useless because the device is not likely connected to the BES anymore.
The thief who has your user's device is the one laughing at you... not the other way around.
You should really consider enforcing password use on your devices, and set the timeout to a short duration.
It's your responsibility as a BES Administrator.
Last edited by penguin3107; 04-25-2008 at 02:41 PM..
|
Offline
|
|
04-25-2008, 02:57 PM
|
#39
|
Wireless Sith Lord
Join Date: Jan 2007
Location: Online
Model: iOS 6
Carrier: Verizon x2
Posts: 1,458
|
Quote:
Originally Posted by penguin3107
You should really consider enforcing password use on your devices, and set the timeout to a short duration.
It's your responsibility as a BES Administrator.
|
Hence, why I'm doing this.
__________________
DarthBBerry
6-Time BlackBerry World Champion (2007-2012)
BlackBerry® Certified Support Specialist v5.0
BlackBerry® Certified System Administrator v5.0
|
Offline
|
|
04-25-2008, 06:37 PM
|
#40
|
BBF Moderator
Join Date: Jun 2005
Model: Z30
OS: 10.2.1.x
PIN: s & needles
Carrier: AT&T
Posts: 34,720
|
It's a matter of how sensitive the data on the device is. For us, it's just our phone numbers and pins. They can have the emails from my wife asking me to pick up milk on the way home and that I have a trip next Tuesday. If it's not that important, let the users decide. If it's quite sensitive then force lock it.
Backing up a ways, I don't see the issue with the device wiping after incorrect passwords and allowing a new password to be set. The data was protected via wiping it. Sure the new user has access to the phone but that's not a security breach. The setup wizard can be used but to do what with? They can't connect to the BES with it. You still need an activation code that you, the BES Admin has to set. They could setup a BIS email account for their own email....Now they finally have that done and you lock the account because you just found out it's stolen. They didn't get very far. They can, however, put another sim card in it and away they go. You lost a $300 device. That's it.
|
Offline
|
|
|
|