Check: BBDS-00-000285
BBDS10 2 X STIG:
BBDS-00-000285
(in version v1 r5)
Title
The BlackBerry Device Service server must be configured to prevent users from performing self-service tasks. (Cat II impact)
Discussion
The overall security posture of the BlackBerry system is dependent on strict configuration management controls, including ensuring only authorized BlackBerry devices are being used and authorized devices are provisioned as required. When these configurations are not set as required, users may have the capability to activate unauthorized BlackBerry devices.
Check Content
Review Windows Services configuration to ensure the BlackBerry Device Service server has been disabled to prevent users from performing self-service tasks. Otherwise, this is a finding.
Fix Text
Configure the BlackBerry Device Service server to prevent users from performing self-service tasks. Log into the BlackBerry Device Service server as a local administrator. Open "Services" by navigating to "Start > Run... > services.msc" and ensure the "BES10 - Self-Service" service is stopped and its Startup Type is set to "Disabled".
Additional Identifiers
Rule ID:
Vulnerability ID: V-48577
Group Title:
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-000386 |
The organization employs automated mechanisms to prevent program execution on the information system in accordance with the organization-defined specifications. |
Controls
| Number | Title |
|---|---|
| No controls are assigned to this check |