[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 642
  • Last Modified:

lost blackberry

hi

a user has lost his blackberry device.  it is password protected and should have been locjked at the time of losing it!
he has emails, tasks and contacts and i need to know what risk this poses should someone be able to hack into it.  its a BIS and not BES.

thansk
0
churchhousetrust
Asked:
churchhousetrust
  • 4
  • 3
  • 2
  • +3
7 Solutions
 
antony_kibble<!-8D58D5C365651885FB5A77A120C8C8C6-->Commented:
Would imagine not a great deal. If the password is time activated so that it locks after a period of time then the chances are if it was lost, then whoever picked it up isn't going to waste time trying to hack into it and will just throw it. In the event that they do hack in, then they have access to send mail using that account. Would suggest, if you have any doubts get your ISP to disable that mail account and set the user up with a new one and set up forwarding on the old account so that mails don't get routed to that mailbox. Any locally help contacts and documents on the handset are lost.
0
 
Gary CutriCommented:
Hi, if a person enters the blackberry password incorrectly 10 times the device will automatically be erased back to factory defaults (all personally data is nuked).
0
 
jderaCommented:
Depending on the carrier, for example ATT, you can have them basically remotely nuke the chip on the device. Kills the device from a phone perspective.  But one thing I would be weary of is if the user had a SIM chip in the device, they can physically take that and if anything is saved on that chip, regardless if there is a password on it.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
aleghartCommented:
>he has emails, tasks and contacts and i need to know what risk this poses

Fairly simple to assess:  the new owner will have access to all email, tasks, and contacts.  Will be able to send/receive mail until you change the password.

BIS email is based on POP.  Change the user's password on the server...should not require creating an entirely new account.

Many people do not configure automatic locking.  Even if it was configured, if the BB was unlocked at the time, the timer could be turned off.

The user should have reported this to the phone company already.  The carrier will kill the SIM and log the IMEI number.  Hopefully, they will not allow it to be re-activated.  (Some carriers share their stolen/lost IMEI lists.)

If this was on BES, I would suggest sending the kill first.  When confirmed, have the ISP kill the SIM.  If they kill the SIM first, your kill won't go through.

But, since this is BIS, the user is 100% responsible for protecting the data.

I would recommend review of all the contact and mail data that may still be stored on the BB device.  The user should change all passwords, combinations, secret answers, etc. in order of most risk.  For instance, alarm codes and e-mail passwords come before gym locker combination.  :)

0
 
Gary CutriCommented:
As mentioned, your device is password protected so they cannot get to the data.  Enter the password incorrectly 10 times and the device is wiped back to factory defaults.  But I forgot to mention is that when a user is on BIS you need to log onto the BlackBerry Web Client and delete the users email address.  If you dont a personal can wipe the device and the next time a Blackberry Enabled SIM is inserted it will start downloading your email again.
0
 
churchhousetrustAuthor Commented:
the device is locked and data should be safe, i have change password on the carriers site, so future emails are ok (we send emails from our exchange server)
0
 
Gary CutriCommented:
If the device is locked the data is perfectly safe but call the carrier and have them delete the BIS account and cancel the SIM.
0
 
churchhousetrustAuthor Commented:
sim also suspended.  do i really need to delete the email account? can i not use this one on the new SIM/device?
0
 
Gary CutriCommented:
It is recommended to call the carrier and ask them to either delete the device PIN from the BlackBerry Web Client or have them delete the entire account.  If you have already assigned a new device to this user by using the "Change Device" option in the web client this step can be ignored.
0
 
aleghartCommented:
>do i really need to delete the email account? can i not use this one on the new SIM/device?

Not necessary if you've changed the password....to something that can't be found on the BlackBerry :)

The usernames of mail servers are not that hard to guess based on the e-mail address.  So, making a new username is not directly addressing problem of stolen credentials.  It's just shifting the problem by obscuring the login name.
0
 
jderaCommented:
Like I said prior just contact the carrier tell them what happened and go from there.  Its not like this is the first person that ever lost their bb...
0
 
tolinromeCommented:
How do I send a 'kill' on a blackberry device from the BES? A user lost his blackberry and I need to wipe it out and reactivate the new one.
0
 
aleghartCommented:
If you had the mobile phone company kill the SIM already, you can't get to it.  You have to send the kill from the BES while the BB handheld is running and can pass traffic (on the home network or roaming).

If the handheld is still in contact with the BES, do this. (I have 5.0.x)

Log in to your BES as the admin user.
User > Manage users > (search/select user)
On the "User Information" tab, click on the PIN number, which represents the phone/handheld.
Scroll near the bottom of the page, under "Device activation".
Click the link "Delete all device data and disable device".

BES-01.jpg
BES-02.jpg
BES-03.jpg
BES-04.jpg
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

  • 4
  • 3
  • 2
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now