Corporate BlackBerry outage survival

Comments

PadlockBlackouts aren’t exactly regular occurrences, but one is enough to make companies start considering contingency plans and preventative measures. Informatica Security has written up a set of reasonable guidelines for keeping the gears turning when BlackBerrys aren’t up and running. The big four points for minimizing damage from an outage are:

1. Quantify the criticality of Blackberry service reliability and uptime before committing resources.
2. Identify alternative methods for secure e-mail retrieval.
3. Ensure that IT personnel actively monitor critical resources.
4. Include Blackberry service disruption in the Business Continuity Plan.


The report claims telecom-based service is more stable and secure than BES, since it functions independent of corporate inner-workings and foul-ups. Informatica then breaks up BlackBerry users into those who use the devices as an information resource for decision-making, and those who rely on them for actually carrying out tasks. This second group is more paralyzed by BlackBerry service disruptions than the first due to the time-sensitive nature of their communications, and so the report suggests that they use telecom-provided service in order to maintain reliability.

Managerial-level customers should stick to BES in order to keep sensitive e-mails within the company, while those on the front-line are presumed to keep their communications strictly on an operational level since security is not as ensured as on a BES. To make sure all devices remain secure, Informatica proposes regular password changes, and a short timeout on each BlackBerry, requiring an alphanumeric password to unlock. Some BES best security practices include:

- Recording device serial numbers and PINs so that compromised devices can be “locked out” of the network to prevent further misuse (and in some cases, even located).
- Recording alternative access numbers (pagers, mobiles) to ensure accessibility for Blackberry-equipped personnel.
- Identifying alternative methods of communication.
- Identifying and implementing alternative methods for e-mail retrieval for off-site employees. For example, Microsoft Outlook Web Access and VPN tunnelling.
- Implementing hardware redundancy of machines most likely to be affected (e.g. The BES itself, network routers, switches, application/mail servers, etc.).
- Ensuring the availability of trained personnel to investigate and restore affected systems, especially complex systems such as the BES.

The diagnosis process usually takes awhile, so the report emphasizes how critical it is to have a backup BES in order to minimize downtime. In order to stop it from going down in the first place, the report puts forward the following best practices for BES stability.

- Ensuring that network hardware provides sufficient features, capacity, and speed to meet
the enterprise’s minimum requirements under normal conditions.
- Investing in hardware redundancy to ensure there exists multiple communications pathways to the Internet. The IT department must ensure that the hardware is capable of supporting at least twice the desired data load (such that each device is capable of supporting the entire network load on its own in the event that the primary device fails).
- Retain technical staff with the expertise to monitor, maintain, and remediate network problems.
- Ensuring there are enforced technical and administrative security policies in place to defend against virus, worm, and other malware outbreaks on the corporate network.
- Creating an effective DRP [Disaster Recovery Plan] to address a prolonged network service interruption.

The full white paper is available after registering for their newsletter.

  • http://facebookworm.blogspot.com/ Mathew Beck

    personally I?m a fan of the death penalty for first offense virus,hack or spam attempt

  • http://facebookworm.blogspot.com/ Mathew Beck

    personally I?m a fan of the death penalty for first offense virus,hack or spam attempt