How does exchange 2003 with blackberry bis encryption work

Posted on 2008-10-22
Last Modified: 2013-11-08
I have exchange 2003 and some people are now using blackberries to read their emails.  They are using the blackberry information service (BIS) that comes with the phone from at&t.  My understanding is that the BIS keeps checking our exchange server for emails for that user, and if there is one, it gets it and sends it to the users phone.  There is no encryption installed on the exchange 2003 server like SSL, so how does the BIS  check the persons account without sending the user name and password in plaintext over the internet.  Or does it send that in plaintext over the internet.  Also, it doesn't encrypt the email itself, does it?  I could find any articles here or on the internet that address this, they mostly start refering to the Blackberry Enterprise server, which we don't have.
Can any body point me to any articles about these details (BIS and encryption)?
Thanks a lot,
Question by:elmert
  • 2
  • 2
LVL 11

Expert Comment

ID: 22783044
E-mail between the BIS server and your Blackberry is encrypted, however typically users that dont have a BES use POP3 to access their mailboxes... and POP3 isnt very secure, as you mentioned. That is a big reason people purchase BES servers.

Author Comment

ID: 22783439
so does that mean the username and password between the pop3 server and BIS server are in plaintext?  
LVL 11

Accepted Solution

ALogvin earned 250 total points
ID: 22786854
"Email messages sent between the BlackBerry Internet Service and the BlackBerry Internet Service subscribers BlackBerry smartphone are not encrypted. When transmitted over the wireless network, the email messages are subject to the existing or available network security model(s).

When you log in to the BlackBerry Internet Service, the data is transmitted over a Secure Sockets Layer (SSL) connection."

I finally found the direct quote, so let me modify my answer from before. When you log into the web client to enter your username and password, it is a SSL connection, and is encypted. When the e-mails are forwarded to your device, they are not encypted.

Author Closing Comment

ID: 31509048
thanks, that helps a lot

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

#SSL #TLS #Citrix #HTTPS #PKI #Compliance #Certificate #Encryption #StoreFront #Web Interface #Citrix XenApp
Explore the encryption capabilities built into Google Apps and how these features can help you meet privacy policy and regulatory compliance, but are not a full solution. Understand and compare the most popular email encryption services for Google A…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now