Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

How does exchange 2003 with blackberry bis encryption work

Posted on 2008-10-22
Last Modified: 2013-11-08
I have exchange 2003 and some people are now using blackberries to read their emails.  They are using the blackberry information service (BIS) that comes with the phone from at&t.  My understanding is that the BIS keeps checking our exchange server for emails for that user, and if there is one, it gets it and sends it to the users phone.  There is no encryption installed on the exchange 2003 server like SSL, so how does the BIS  check the persons account without sending the user name and password in plaintext over the internet.  Or does it send that in plaintext over the internet.  Also, it doesn't encrypt the email itself, does it?  I could find any articles here or on the internet that address this, they mostly start refering to the Blackberry Enterprise server, which we don't have.
Can any body point me to any articles about these details (BIS and encryption)?
Thanks a lot,
Question by:elmert
  • 2
  • 2
LVL 11

Expert Comment

ID: 22783044
E-mail between the BIS server and your Blackberry is encrypted, however typically users that dont have a BES use POP3 to access their mailboxes... and POP3 isnt very secure, as you mentioned. That is a big reason people purchase BES servers.

Author Comment

ID: 22783439
so does that mean the username and password between the pop3 server and BIS server are in plaintext?  
LVL 11

Accepted Solution

ALogvin earned 250 total points
ID: 22786854
"Email messages sent between the BlackBerry Internet Service and the BlackBerry Internet Service subscribers BlackBerry smartphone are not encrypted. When transmitted over the wireless network, the email messages are subject to the existing or available network security model(s).

When you log in to the BlackBerry Internet Service, the data is transmitted over a Secure Sockets Layer (SSL) connection."

I finally found the direct quote, so let me modify my answer from before. When you log into the web client to enter your username and password, it is a SSL connection, and is encypted. When the e-mails are forwarded to your device, they are not encypted.

Author Closing Comment

ID: 31509048
thanks, that helps a lot

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
Many companies are looking to get out of the datacenter business and to services like Microsoft Azure to provide Infrastructure as a Service (IaaS) solutions for legacy client server workloads, rather than continuing to make capital investments in h…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question