An error occurred:

Check: BBDS-00-000300

BBDS10 2 X STIG: BBDS-00-000300 (in version v1 r5)

Title

The BlackBerry Device Service server must be configured to accept only trusted connections to back-office enclave application or web push servers. Push servers are set up to push content to BlackBerry users. (Cat II impact)

Discussion

Only authorized servers should be able to push content to BlackBerry devices.

Check Content

Verify the site has configured the BlackBerry Device Service server to require trusted connections to push enclave application or web servers. Otherwise, this is a finding.

Fix Text

Configure the BlackBerry Device Service server to push content to BlackBerry devices. Log into BlackBerry Administration Service, and under "Servers and components" on the left side of the screen, navigate to "'BlackBerry Solution topology > BlackBerry Domain > Component view > MDS Connection Service > <MDS Connection Service Instance>". - On the "Instance information" tab, click "Edit instance". - In the "Access control" section, verify "Push authentication:" is set to "Yes".

Additional Identifiers

Rule ID:

Vulnerability ID: V-48559

Group Title:

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000366

The organization implements the security configuration settings.
CCI-000781

The information system authenticates devices before establishing network connections using bidirectional authentication between devices that is cryptographically based.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
CM-6

Configuration Settings