Solved

How does exchange 2003 with blackberry bis encryption work

Posted on 2008-10-22
4
582 Views
Last Modified: 2013-11-08
I have exchange 2003 and some people are now using blackberries to read their emails.  They are using the blackberry information service (BIS) that comes with the phone from at&t.  My understanding is that the BIS keeps checking our exchange server for emails for that user, and if there is one, it gets it and sends it to the users phone.  There is no encryption installed on the exchange 2003 server like SSL, so how does the BIS  check the persons account without sending the user name and password in plaintext over the internet.  Or does it send that in plaintext over the internet.  Also, it doesn't encrypt the email itself, does it?  I could find any articles here or on the internet that address this, they mostly start refering to the Blackberry Enterprise server, which we don't have.
Can any body point me to any articles about these details (BIS and encryption)?
Thanks a lot,
Elmer
0
Comment
Question by:elmert
  • 2
  • 2
4 Comments
 
LVL 11

Expert Comment

by:ALogvin
ID: 22783044
E-mail between the BIS server and your Blackberry is encrypted, however typically users that dont have a BES use POP3 to access their mailboxes... and POP3 isnt very secure, as you mentioned. That is a big reason people purchase BES servers.
0
 

Author Comment

by:elmert
ID: 22783439
so does that mean the username and password between the pop3 server and BIS server are in plaintext?  
0
 
LVL 11

Accepted Solution

by:
ALogvin earned 250 total points
ID: 22786854
"Email messages sent between the BlackBerry Internet Service and the BlackBerry Internet Service subscribers BlackBerry smartphone are not encrypted. When transmitted over the wireless network, the email messages are subject to the existing or available network security model(s).

When you log in to the BlackBerry Internet Service, the data is transmitted over a Secure Sockets Layer (SSL) connection."

I finally found the direct quote, so let me modify my answer from before. When you log into the web client to enter your username and password, it is a SSL connection, and is encypted. When the e-mails are forwarded to your device, they are not encypted.
0
 

Author Closing Comment

by:elmert
ID: 31509048
thanks, that helps a lot
0

Featured Post

Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As a financial services provider, your business is impacted by two of the strictest federal regulations on record: the Sarbanes-Oxley Act and the Gramm-Leach-Bliley Act. Correctly implementing faxing into your organization to provide secure, real-ti…
The article will include the best Data Recovery Tools along with their Features, Capabilities, and their Download Links. Hope you’ll enjoy it and will choose the one as required by you.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question