How does exchange 2003 with blackberry bis encryption work

Posted on 2008-10-22
Last Modified: 2013-11-08
I have exchange 2003 and some people are now using blackberries to read their emails.  They are using the blackberry information service (BIS) that comes with the phone from at&t.  My understanding is that the BIS keeps checking our exchange server for emails for that user, and if there is one, it gets it and sends it to the users phone.  There is no encryption installed on the exchange 2003 server like SSL, so how does the BIS  check the persons account without sending the user name and password in plaintext over the internet.  Or does it send that in plaintext over the internet.  Also, it doesn't encrypt the email itself, does it?  I could find any articles here or on the internet that address this, they mostly start refering to the Blackberry Enterprise server, which we don't have.
Can any body point me to any articles about these details (BIS and encryption)?
Thanks a lot,
Question by:elmert
  • 2
  • 2
LVL 11

Expert Comment

ID: 22783044
E-mail between the BIS server and your Blackberry is encrypted, however typically users that dont have a BES use POP3 to access their mailboxes... and POP3 isnt very secure, as you mentioned. That is a big reason people purchase BES servers.

Author Comment

ID: 22783439
so does that mean the username and password between the pop3 server and BIS server are in plaintext?  
LVL 11

Accepted Solution

ALogvin earned 250 total points
ID: 22786854
"Email messages sent between the BlackBerry Internet Service and the BlackBerry Internet Service subscribers BlackBerry smartphone are not encrypted. When transmitted over the wireless network, the email messages are subject to the existing or available network security model(s).

When you log in to the BlackBerry Internet Service, the data is transmitted over a Secure Sockets Layer (SSL) connection."

I finally found the direct quote, so let me modify my answer from before. When you log into the web client to enter your username and password, it is a SSL connection, and is encypted. When the e-mails are forwarded to your device, they are not encypted.

Author Closing Comment

ID: 31509048
thanks, that helps a lot

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now