Blackberry Storm 2 Instruction Manual
Have a look at the manual Blackberry Storm 2 Instruction Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 57 Blackberry manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
About content protectionContent protection is designed to encrypt your BlackBerry® device data. When content protection is turned on, your device uses a private key to encrypt data as it is stored on the device, including data that your device receives when it is locked. Your device decrypts data as you access it. You can set content protection to include or exclude your contacts. If you turn on content protection for contacts and you receive a call when your device is locked, the caller name does not appear on the screen. If you use a smart card certificate for authentication, depending on the smart card you might also be able to use your smart card certificate to provide two-factor content protection. In order to access the encrypted content, you must provide your device password and also connect your device to your smart card reader. When you lock your device, an open lock indicator appears in the device status section of the screen to indicate that your device is deleting a copy of the private key from the temporary device memory. A lock indicator appears when the device has deleted the key. Protect your device data To perform this task, you must have set a BlackBerry® device password. 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click General Settings . 4. Change the Content Protection field to Enabled . 5. Press the Menu key. 6. Click Save. Set encryption strength If encryption of data in the device memory is turned on, you can set the strength of the encryption that your BlackBerry® device uses to protect data that you receive when your device is locked. 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Encryption . 4. Set the Strength field. 5. Press the Menu key. 6. Click Save. Use a certificate to encrypt the encryption keys on your device To perform this task, your BlackBerry® device must be associated with an email account that uses a BlackBerry® Enterprise Server that supports this feature. For more information, contact your administrator. User GuideSecurity259
If you have encryption for data in the device memory turned on and your smart card reader supports this feature, you might be able to use a certificate from the smart card to encrypt the encryption keys on your device. 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Encryption . 4. Change the Two-Factor Protection field to Enabled . 5. Press the Menu key. 6. Click Save. About encryption keys If your BlackBerry® device is associated with an email account that uses a BlackBerry® Enterprise Server or BlackBerry® Desktop Redirector, your device is designed to use an encryption key to protect data as it travels between the BlackBerry Enterprise Server or BlackBerry Desktop Redirector and your device. You should generate a new encryption key every 2 weeks. Generate an encryption key To perform this task, your BlackBerry® device must be associated with an email account that uses a BlackBerry® Enterprise Server that supports this feature. For more information, contact your administrator. If your device is associated with an email account that uses a BlackBerry Enterprise Server that does not support this feature, you can generate an encryption key using the BlackBerry® Desktop Manager, if it includes the email settings tool. For more information, see the online help that is available in the BlackBerry Desktop Manager. 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Information . 4. Highlight a service. 5. Press the Menu key. 6. Click Regenerate Encryption Key . Memory cleaning About memory cleaning Memory cleaning is designed to delete sensitive data from the temporary memory on your BlackBerry® device. Examples of sensitive data include sensitive data in the cache for the key store browser, unencrypted data from email messages, LDAP authentication passwords, and data from certificate and key searches. When memory cleaning is turned on, the memory cleaning application is designed to delete sensitive data automatically in the following situations:User GuideSecurity260
• when you insert your device in a holster • when you do not use your device for a specified period of time • when you synchronize with your computer • when you change the time or the time zone for your device • when you lock your device Turn on memory cleaning 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Memory Cleaning . 5. Change the Status field to Enabled . 6. Press the Menu key. 7. Click Save. Change when your device deletes sensitive data from the temporary device memory 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Memory Cleaning . 5. Perform any of the following actions: • To prevent your BlackBerry® device from deleting sensitive data when you insert your device in a holster, change the Clean When Holstered field to No. • To prevent your device from deleting sensitive data when your device remains idle for a specified period of time, change the Clean When Idle field to No. • To change how long your device waits after you stop using it before it deletes sensitive data, change the Idle Timeout field. 6. Press the Menu key. 7. Click Save. Delete sensitive application data from the temporary device memory 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Memory Cleaning . 5. In the Registered Cleaners section, click an application. 6. Perform one of the following actions: • To delete sensitive data for the highlighted application, click Clean . Click OK. • To delete sensitive data for all applications, click Clean Now.User GuideSecurity261
View the icon for the memory cleaning application on the Home screen1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Memory Cleaning . 5. Change the Show Icon on Home Screen field to Yes. 6. Press the Menu key. 7. Click Save. Certificates Certificate basics Download a certificate from an LDAP or DSML certificate server 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Certificates . 5. Press the Menu key. 6. Click Fetch Certificates . 7. Specify the search criteria. 8. Press the Menu key. 9. Click Search. 10. Click a certificate. 11. Click Add Certificate to Key Store . About certificate authority profiles If your email account uses a BlackBerry® Enterprise Server that supports this feature, you can download certificates over the wireless network from a certificate authority profile provided by your administrator. Depending on your organization, enrollment for a certificate might be required and might also occur automatically. When you enroll with a certificate authority profile, the latest certificate is downloaded to your BlackBerry device and added to your certificate list. The certificate authority profiles shows the status of the certificate. If the certificate is scheduled to expire soon you can re-enroll with the certificate authority profile to receive an updated certificate. User GuideSecurity262
Download a certificate from a certificate authority To perform this task, your BlackBerry® device must be associated with an email account that uses a BlackBerry® Enterprise Server that supports this feature. For more information, contact your administrator. If your administrator has provided you with a certificate authority profile, you can enroll with the profile to download a certificate to your device. If the certificate is scheduled to expire soon you can re-enroll to receive an updated certificate. 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Certificate Authority Profile . 5. Click Enroll or Re-enroll . 6. If necessary, type the credentials that you use to connect to your organization's network. To hide the screen for the certificate authority profile while the request is being processed, press the Menu key. Click Hide. To return to this screen, on the Home screen, click the Certificate Authority Profile icon. View properties for a certificate 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Certificates . 5. Click a certificate. Certificate properties Revocation Status: This field displays the revocation status of the certificate at a specified date and time. Trust Status: This field displays the trust status of the certificate chain. A certificate can be explicitly trusted (the certificate itself is trusted), implicitly trusted (the root certificate in the certificate chain is trusted on your BlackBerry® device), or not trusted (the certificate is not explicitly trusted and the root certificate in the certificate chain is not trusted or does not exist on your device). Expiration Date: This field displays the date that the certificate issuer specified as the expiration date of the certificate. Certificate Type: This field displays the certificate format. Your device supports X.509 and WTLS certificate formats. Public Key Type: This field displays the standard to which the public key complies. Your device supports RSA®, DSA, Diffie-Hellman, and ECC keys. User GuideSecurity263
Subject:This field displays information about the certificate subject. Issuer: This field displays information about the certificate issuer. Serial Number: This field displays the certificate serial number in hexadecimal format. Key Usage: This field displays approved uses of the public key. Subject Alt Name: This field displays an alternate email address for the certificate subject, if an alternate email address is available. SHA1 Thumbprint: This field displays the SHA-1 digital thumbprint of the certificate. MD5 Thumbprint: This field displays the MD5 digital thumbprint of the certificate. View one type of certificate in the certificate list 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Certificates . 5. Press the Menu key. 6. Click one of the following menu items: •Show My Certs • Show Others Certs • Show CA Certs • Show Root Certs To view all the certificates on your BlackBerry® device, press the Menu key. Click Show All Certs . Send a certificate When you send a certificate, your BlackBerry® device sends the public key, but does not send the corresponding private key. 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Certificates . 5. Highlight a certificate. 6. Press the Menu key.User GuideSecurity264
7. Click Send via Email or Send via PIN . Delete a certificate 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Certificates . 5. Highlight a certificate. 6. Press the Menu key. 7. Click Delete. View the certificate chain for a certificate 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Certificates . 5. Highlight a certificate. 6. Press the Menu key. 7. Click Show Chain . Certificate status Status indicators for certificates and certificate authority profiles Status indicators for certificates : The certificate has a corresponding private key that is stored on your BlackBerry® device or a smart card. :The certificate chain is trusted and valid, and the revocation status of the certificate chain is good. : The revocation status of the certificate chain is unknown, or a public key for a certificate in the certificate chain is weak. :The certificate is untrusted or revoked, or a certificate in the certificate chain is untrusted, revoked, expired, not valid, or cannot be verified. Status indicators for certificate authority profiles : A valid certificate is associated with the certificate authority profile. User GuideSecurity265
:A new certificate is being fetched because the current certificate is scheduled to expire soon. :The enrollment request is pending approval from the certificate authority. : Enrollment with the certificate authority profile is pending because an action from the user is required to continue, or because enrollment is scheduled to occur later. : Enrollment with the certificate authority profile is required and will occur automatically. Check the revocation status of a certificate or certificate chain 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Certificates . 5. Highlight a certificate. 6. Press the Menu key. 7. Click Fetch Status or Fetch Chain Status . Change the trust status of a certificate 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Certificates . 4. Highlight a certificate. 5. Press the Menu key. 6. Click Trust or Distrust . 7. If necessary, perform one of the following actions: • To trust the highlighted certificate, click Selected Certificate. • To trust the highlighted certificate and all the other certificates in the chain, click Entire Chain. Revoke a certificate If you revoke a certificate, the certificate is revoked only in the key store on your BlackBerry® device. Your device does not update the revocation status on the certificate authority or CRL servers. 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Certificates . User GuideSecurity266
5. Highlight a certificate. 6. Press the Menu key. 7. Click Revoke. 8. Click Yes. 9. Change the Reason field. 10. Click OK. To cancel a certificate hold, highlight the certificate. Press the Menu key. Click Cancel Hold . Certificate revocation reasons Unknown: The revocation reason does not match any of the predefined reasons. Key Compromise: A person who is not the key subject might have discovered the private key value. CA Compromise: Someone might have revealed the private key of the certificate issuer. Change in Affiliation: The certificate subject no longer works for the organization. Superseded: A new certificate is replacing an existing certificate. Cessation of Operation: The certificate subject no longer requires the certificate. Certificate Hold: You want to revoke the certificate temporarily. Certificate options Change the display name for a certificate 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Certificates . 5. Highlight a certificate. 6. Press the Menu key. 7. Click Change Label .User GuideSecurity267
8. Type a display name for the certificate. 9. Click OK. Add an email address to a certificate 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Certificates . 5. Highlight a certificate. 6. Press the Menu key. 7. Click Associate Addresses . 8. Press the Menu key. 9. Click Add Address . 10. Perform one of the following actions: • Click a contact. • Click Use Once . Type an email address. Press the Enter key. 11. Press the Menu key. 12. Click Save. Turn off the display name prompt that appears when you add a certificate to the key store 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Certificates . 5. Press the Menu key. 6. Click Fetch Certificates . 7. Press the Menu key. 8. Click Options. 9. Change the Prompt for Label field to No. 10. Press the Menu key. 11. Click Save. When you add a certificate, your BlackBerry® device uses the certificate subject as the name for the certificate. Turn off the fetch status prompt that appears when you add a certificate to the key store 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Certificates . 5. Press the Menu key. 6. Click Fetch Certificates .User GuideSecurity268