Free DISA STIG and SRG Library | Vaulted

V-11877

The Device Transport Key must be configured on the BES for AES encryption.

Finding ID
WIR1330-01
Rule ID
SV-12377r3_rule
Severity
Cat III
CCE
(None)
Group Title
Device Transport Key on the BES set for AES
CCI
(None)
Target Key
(None)
Documentable
No
Discussion

AES encryption provides a higher level of security for BlackBerry data.

Fix Text

The Device Transport Key will be configured on the BES for AES encryption.

Check Content

Work with the BlackBerry SA to view the BES configuration setting. In the Supported Encryption Algorithms section, verify that "AES" or "Triple DES and AES" is selected. -BAS >> Server and components menu >> BlackBerry solution topology >> BlackBerry Server. -Click on a server instance. -Check Encryption Algorithm setting. Verify the setting is correct. Note: The following BlackBerry devices have BlackBerry Handheld Software versions earlier than 4.0, which uses 3DES encryption instead of AES: 5820, 5810, 5790, 957, 950, 857, and 850. These older BlackBerry devices should not be used in the DoD since they cannot support some required BlackBerry security features.

Responsibility

System Administrator