NotifyLink device security implements proactive features that can help deter security breaches. It also includes reactive security options that can be implemented when a device is lost or stolen and therefore more vulnerable to a breach.
This section highlights NotifyLink’s core device security features. For a more comprehensive listing of device security features, see the Device IT Policy Comparison chart.
Proactive Device Security Options
Device Data-at-Rest Encryption
Data-at-rest encryption for the email database on the device storage disk is supported by several device types.
NotifyLink Device Application
• BlackBerry – With NotifyLink for BlackBerry v4.7 or greater, use the device application preferences (General Security Settings) to choose from three encryption key lengths.
o Secure (128-bit)
o More Secure (192-bit)
o Most Secure (256-bit)
ActiveSync Solution Devices
• Android with TouchDown – encrypts TouchDown data only
o Versions 5.1.0026 - 6.4.x – TDES 168-bit
o Versions 6.5 and higher – AES 256-bit
• Android (Native) devices - OS version 3.0; manufacturer/model dependent for OS versions less than 3.0
• iPhone 3GS and 4 with iOS 4, iPod touch 3rd and 4th generation with iOS 4, and iPad device models – AES 256 bit
• Nokia S60 3rd edition devices – 256 bit
• webOS – AES 128-bit
• Windows Mobile 6.1 and 6.5 – AES 128-bit
• Windows Phone 7 – This device does not currently support Data-at-Rest encryption.
Device Rules: Lock Rules
Inactivity Timeout
• BlackBerry – The NotifyLink Lock Timeout setting always respects the native timeout interval. Turning off the device or letting the native inactivity timer turn off the device will not cause the password prompt when turning the device back on unless the NotifyLink timeout interval has expired. A soft reset always triggers the password prompt to be displayed.
• iPhone/ iPod touch/ iPad, Windows Mobile, Palm webOS, Symbian, Android Native, Android with TouchDownTM, and Windows Phone 7 platforms using NotifyLink ActiveSync Solution – The lock interval is based on the native lock interval and can be set on the device or enforced by security rules sent from the NotifyLink server.
Challenge Timeout
• BlackBerry – The NotifyLink Challenge Timeout lock is initiated regardless of inactivity and is intended to challenge the use of the device if it is lost or stolen. It must be greater than the Inactivity Timeout.
• iPhone/ iPod touch/ iPad, Windows Mobile, Palm webOS, Symbian, Android Native, Android with TouchDownTM, and Windows Phone 7 platforms using NotifyLink ActiveSync Solution – Not supported
Duress Notification
• BlackBerry – If enabled, this option allows the user to activate the duress notification, if forced to unlock the device under duress, by entering the password in an altered format (all characters shifted one position to the left). EX: If the lock password is “guarddog”, the duress password is “uarddogg”. A high priority Email notification is sent to the specified Email address with the Subject: “NotifyLink Duress Notification.” The notification is completely hidden from view on the device: it does not appear in the Outbox, Sent Items, or Deleted Items folders.
• iPhone/ iPod touch/ iPad, Windows Mobile, Palm webOS, Symbian, Android Native, Android with TouchDownTM, and Windows Phone 7 platforms using NotifyLink ActiveSync Solution – Not supported
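The duress scheme above, modelled as an added example (this is not NotifyLink code): the duress form is the lock password rotated left by one character, an unlock attempt is classified as normal, duress or rejected, and the one degenerate case is flagged. The digest-based comparison is an assumed storage form, not the product's.

```python
import hashlib
import hmac

# Added example (not NotifyLink code). Models the BlackBerry duress scheme the
# page describes: the duress password is the lock password with every character
# shifted one position to the left, so "guarddog" becomes "uarddogg".

def duress_variant(password: str) -> str:
    """Return the duress form: the lock password rotated left by one character."""
    if len(password) < 2:
        return password
    return password[1:] + password[0]

def duress_is_distinct(password: str) -> bool:
    """A password made of one repeated character rotates onto itself, so its
    duress form is identical to the normal password and a duress unlock could
    never be told apart from a normal one. Reject such passwords when the
    duress option is enabled."""
    return duress_variant(password) != password

def _digest(value: str) -> bytes:
    # Assumed storage form: compare fixed-length digests with compare_digest so
    # the check runs in constant time and does not leak which form matched.
    return hashlib.sha256(value.encode("utf-8")).digest()

def check_unlock(lock_password: str, attempt: str) -> str:
    """Classify an unlock attempt as 'unlock', 'duress' or 'reject'.

    'duress' is the signal on which the hidden high-priority notification
    described on the page would be sent; the device still unlocks in that case.
    """
    if hmac.compare_digest(_digest(lock_password), _digest(attempt)):
        return "unlock"
    if hmac.compare_digest(_digest(duress_variant(lock_password)), _digest(attempt)):
        return "duress"
    return "reject"

if __name__ == "__main__":
    print(duress_variant("guarddog"))             # uarddogg
    print(check_unlock("guarddog", "uarddogg"))   # duress
    print(duress_is_distinct("11111111"))         # False
```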
Device Rules: Password Rules
Device Password Expiration
• BlackBerry – If enabled, the user is reminded fifteen days before the password expires. When the password expires, the device locks. The user must unlock it with the current password and then create a new password at the prompt. Expiration can range from 30 to 365 days.
• iPhone/ iPod touch/ iPad, Windows Mobile, Symbian, Android Native (some models), Android with TouchDownTM, and Windows Phone 7 platforms using NotifyLink ActiveSync Solution also support this policy. Not supported on Palm webOS devices.
Device Password History
• BlackBerry – If enabled, this feature prevents users from reusing passwords too soon. The device can be configured to store anywhere from 10 to 100 passwords. EX: If the number of stored passwords is 10, the past ten passwords cannot be reused. When the 11th password is created, the oldest stored password becomes available for use again.
• iPhone/ iPod touch/ iPad, Windows Mobile, Symbian, Android Native (some models), Android with TouchDownTM, and Windows Phone 7 platforms using NotifyLink ActiveSync Solution also support this policy. Not supported on Palm webOS devices.
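The password-history rule above as an added example (not NotifyLink code): a bounded window of the last N password fingerprints (N from 10 to 100), replaying the page's case where the first password is blocked until the 11th password evicts it. The digest-based fingerprint and the sample passwords are constructed for the example.

```python
import hashlib
from collections import deque

# Added example (not NotifyLink code). Models the BlackBerry password-history
# rule: the device keeps the last N passwords (N from 10 to 100) and refuses
# any of them; creating the (N+1)th password drops the oldest one.

def _fingerprint(password: str) -> str:
    # Assumed storage form: keep a digest, never the password itself. A real
    # implementation would use a salted, slow password hash.
    return hashlib.sha256(password.encode("utf-8")).hexdigest()

class PasswordHistory:
    def __init__(self, stored: int = 10):
        if not 10 <= stored <= 100:
            raise ValueError("NotifyLink stores between 10 and 100 passwords")
        self.stored = stored
        # Bounded ring: appending beyond maxlen evicts the oldest entry.
        self._history = deque(maxlen=stored)

    def is_reused(self, candidate: str) -> bool:
        return _fingerprint(candidate) in self._history

    def set_password(self, candidate: str) -> bool:
        """Accept the new password unless it is still in the history window."""
        if self.is_reused(candidate):
            return False
        self._history.append(_fingerprint(candidate))
        return True

def walkthrough(stored: int = 10) -> dict:
    """Replay the page's example: with 10 stored passwords, the first password
    is blocked until the 11th password pushes it out of the window."""
    history = PasswordHistory(stored)
    for i in range(stored):
        history.set_password(f"Passw0rd-{i}")           # constructed samples
    blocked = not history.set_password("Passw0rd-0")     # still in the window
    history.set_password(f"Passw0rd-{stored}")           # the (N+1)th password
    freed = history.set_password("Passw0rd-0")           # oldest is free again
    return {"blocked_while_stored": blocked, "available_after_eviction": freed}

if __name__ == "__main__":
    print(walkthrough())
```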
Device Rules: ActiveSync Rules
ActiveSync Rules allow administrators to enforce or disable security policies on ActiveSync devices.
When enabled this rule will enforce security policies that are set on the NotifyLink server and are supported by ActiveSync devices. The rule is enabled by default.
Security policies supported on ActiveSync devices vary by device platform, but may include:
• Minimum Password Length
• Allow Simple Password
• Require Alphanumeric Password
• Minimum Number of Complex Characters
• Maximum Inactivity Timeout
• Wipe on Failed Unlock Attempts
• Remote Wipe
• Password Expiration
• Password History
• Require Storage Card Encryption
• Require Device Encryption
• Allow Camera
Reactive Device Security Options
NotifyLink supports remote WIPE and LOCK executions and local (device) WIPE executions (where applicable). Remote WIPE and LOCK are controlled via the NotifyLink Administrative Web and work when wireless is on.
Clear Device - The wipe trigger deletes Email and PIM and locks the device, enabling a password prompt. (Where applicable, SD card wipe is an option as well.)
Lock Password - The LOCK trigger locks the device, enabling a password prompt, but does not delete Email/PIM.
Remove Mailbox - NotifyLink supports a third remote device security execution that removes the mailbox information from the device and puts NotifyLink into a pre-registration state.
Remote Wipe - This option appears in place of Clear Device and Remove Mailbox when the device associated with the user’s account is an ActiveSync device.
Clear Device / Remote WIPE* (Sent from the NotifyLink Administrative or Client Web)
• BlackBerry devices – Email and PIM are deleted
• iPhone/ iPod touch/ iPad, Windows Mobile, Palm webOS, Symbian, Android Native, Android with TouchDownTM, and Windows Phone 7 ActiveSync devices – Email, PIM and mailbox account are deleted and the device enters a pre-registration state. The specifics of how Remote Wipe operates may vary by the model and operating system version of the device. See device user guides for details.
*Where applicable, the SD card can be wiped as well (Clear Device and Cards)
Local WIPE, based on failed unlock attempts when Lock is on (device)
• BlackBerry devices – When the password is entered incorrectly 10 consecutive times, the device issues the wipe, which deletes the Email and PIM.
• Symbian S60, 3rd Edition OS devices using NotifyLink ActiveSync Solution – When the password is entered incorrectly 10 consecutive times, the device issues the wipe, which deletes Email and PIM and removes the NotifyLink account.
• Windows Mobile devices using NotifyLink ActiveSync Solution – Uses the native security measures. Native security may do a local wipe, but this depends on what security implementations the OEM customized into the firmware.
• iPhone/ iPod touch/ iPad devices using NotifyLink ActiveSync Solution – Uses the native security measures and does a local wipe based on password attempts for iPhone OS version 3.0 or later. Device settings reset to their defaults and all information and media are removed by overwriting the data stored in the device. For iPhone OS version 2.2.1, the device does not actually wipe, but imposes time delays and eventually locks the device, requiring reauthorization through iTunes.
• Palm webOS devices using NotifyLink ActiveSync Solution – Uses the native security measures and does a local wipe based on password attempts. The wipe deletes all personal information, such as messages, contacts, calendar events and tasks, the Microsoft Exchange ActiveSync account, and any third party applications added.
• Android devices with TouchDownTM using NotifyLink ActiveSync Solution – Uses the native security measures and does a local wipe based on password attempts. The wipe deletes the NotifyLink account created via TouchDown and all data synchronized by TouchDown.
• Android devices (Native) using NotifyLink ActiveSync Solution – Uses the native security measures and does a local wipe based on password attempts. The wipe deletes all data, accounts, and applications from the device, but will not erase the SD card.
• Symbian S60, 3rd Edition devices using NotifyLink ActiveSync Solution – Uses the native security measures and does a local wipe based on password attempts. The wipe deletes all data, accounts, and applications from the device and the SD card.
• Windows Phone 7 devices using NotifyLink ActiveSync Solution – Uses the native security measures and does a local wipe based on password attempts. The wipe deletes all data, accounts, and applications from the device, but will not erase the SD card.
Remote Removal of NotifyLink Mailbox (Sent from the NotifyLink Administrative or Client Web)
• BlackBerry devices – Email and account information are wiped from the device
• iPhone/ iPod touch/ iPad, Windows Mobile, Palm webOS, Symbian, Android Native, Android with TouchDownTM, and Windows Phone 7 devices using the NotifyLink ActiveSync Solution – Mailbox removal is not a separate option. The Remote Wipe option removes the mailbox account along with Email and PIM.
Remote LOCK (Sent from the NotifyLink Administrative Web)
Device platforms which support remote lock use the password set in NotifyLink’s Device IT Policy: Lock Settings as the LOCK password.
• BlackBerry devices – The entire device is locked by the NotifyLink application. The native BlackBerry security is not used.
• iPhone/ iPod touch/ iPad, Windows Mobile, Palm webOS, Symbian, Android Native, Android with TouchDownTM, and Windows Phone 7 devices using NotifyLink ActiveSync Solution – Not supported.