An error occurred:

Check: BBDS-00-000200

Policy SRG: BBDS-00-000200 (in version v1 r1)

Title

BlackBerry Web Desktop Manager must be configured to permit users to activate new BlackBerry devices only. (Cat II impact)

Discussion

The overall security posture of the BlackBerry system is dependent on strict configuration management controls, including ensuring only authorized BlackBerry devices are being used and authorized devices are provisioned as required. When these configurations are not set as required, users may have the capability to activate unauthorized BlackBerry devices.

Check Content

Verify the BlackBerry Administration Service (BAS) has been configured to permit users to activate new BlackBerry devices only. Log into the BAS as an administrator with Security Administrator role. In the BAS Organization Administration menu, expand Organization. - Click My organization. - Click BlackBerry Web Desktop Manager Information. - On the Allowed user operations, verify "Allow user wireline activation" is set to "Activate unused PIN only." If BAS has not been configured to permit users to activate only new devices, this is a finding.

Fix Text

Configure BlackBerry Administration Service to permit users to activate new BlackBerry devices only via BlackBerry Web Desktop Manager.

Additional Identifiers

Rule ID:

Vulnerability ID: BBDS-00-000200

Group Title:

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000370

Manage configuration settings for organization-defined system components using organization-defined automated mechanisms.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
CM-6(1)

Automated Central Management / Application / Verification