Blackberry security threat can be countered - RIM
Research in Motion has sought to downplay the threat of the BBproxy programme, saying that such exploits are possible on any mobile device and denying that it was an architectural problem with the Blackberry system.
When asked whether enterprises could guard against the attack, Scott Totzke, director of the global security group at RIM said that the Blackerry Enterprise Server was already equipped to handle threats. "Absolutely. That's what these tools are there for," he told Mobile Europe sister site www.communications-news.com.
Totzke said that BES contained 255 rules through which administrators could define IT policy and application control.
A white list could be set up to allow only specific third-party applications, he said.
Privileges can also be established by user and/or application, including defining network access. RIM further encourages businesses to segment networks to reduce the damage that a hacker could inflict.
RIM was reacting to news of a software program written by security researcher Jesse D'Aguanno which exploits the trust between a BlackBerry and the network to open a route into corporate resources. He says he will release the program in the next few days.
"Because it's a handheld device, most people don't think it's something that can actually harm the rest of your internal network," D'Aguanno told wired.com.
"But a BlackBerry is a code-running machine that's always-on and always connected to your internal network and has direct access to whatever you give it access to. Most company architectures allow it unfettered access to everything on the internal network."
RIM has publicly reacted to the promised release of D'Aguanno's software by publishing two documents advising network managers how to protect their networks against malware threats.
External Links
Share this article with others
Post to del.icio.us
Printed from http://www.mobileeurope.co.uk/news_analysis/112157/Blackberry_security_threat_can_be_countered_-_RIM.html
Comment on this article
Skip to comments
We encourage users to analyse, comment on and even challenge Mobile Europe's articles, including the one above - 'Blackberry security threat can be countered - RIM'
User reviews and comments that include profanity or personal attacks or other inappropriate comments or material will be removed from the site.
Additionally, entries that are unsigned or contain "signatures" by someone other than the actual author will be removed. We will take steps to block users who violate any of our posting standards, terms of use or privacy policies or any other policies governing this site.