The BlackBerry Enterprise Mobility Server (BEMS) must be configured to use HTTPS.
An XCCDF Rule
Description
<VulnDiscussion>Preventing the disclosure of transmitted information requires that applications take measures to employ some form of cryptographic mechanism in order to protect the information during transmission to web applications. This is usually achieved through the use of HTTPS.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-93729r1_rule
- Severity
- High
- References
- Updated
Remediation - Manual Procedure
Configure BEMS to use HTTPS as follows:
1. In the BEMS Dashboard, under "BEMS System Settings", click "BEMS Configuration".
2. Click "BlackBerry Dynamics".
3. In the Protocol drop-down list, select "HTTPS".