Blackberry Security Policy

Created: November 5, 2008

Purpose

The purpose of this document is to establish a policy on securing BlackBerry PDAs from unauthorized access.

Scope

This policy applies to all BlackBerry devices, both University and privately owned, which are registered in the W&L Blackberry Enterprise Server.

Policy

It is the policy of Washington and Lee to protect university data on all BlackBerry devices with security configuration settings enforced from the BlackBerry Enterprise Server. The policy is described below:

BlackBerry Server Security Settings:

• Passwords are required
  • Minimum password length is four (4) characters (we recommend a total of six (6)
  • User cannot disable password requirement
• Timeout
  • Maximum inactivity timeout is 20 minutes
• Attempts
  • Maximum password entry attempts is seven (7)
  • IMPORTANT: Device will lockout and wipe all local data from the device!!! after seven (7) attempts with the wrong password. Please call the Telecom office BEFORE attempting seven (7) logins and/or if you forget your Blackberry password.
• Protection
  • Content Protection Strength Strong (Always Encrypted)