What can a BES Administrator “see” on my BB, personal or company-owned, if connected to a BES System? This is a frequently asked question, both by users provided with a work-owned BB as well as those thinking about connecting (or already connecting) their personal BB to a work BES system. The BES can “see” most things, but one would have to know what is actually being logged and then being reviewed to truly know the answer. While the system is capable of logging many activities and functions, the reality is who has time to spend looking at all the data? HOWEVER, you must bear in mind that data which is stored can be reviewed at almost any time so if, for example, you piss off your boss enough that he/she begins to distrust you for any reason they could, in theory, request the Admin to produce logs that can be reviewed after-the-fact. The simplest way to look at this is to understand that given the proper motivation and time, almost anything done on a BES-connected BB can be monitored or viewed. The question of what actually is being watched can only be answered by the Admin….And they probably are not talking. DISCLAIMER: Please note that I am NOT a BES Admin and what follows is information I have gleaned from trolling sites that Admins hang out at. I certainly do not claim that the list is 100% complete or accurate, especially as new versions of BES are released. I have tried to make the list as accurate as possible, but you must take responsibility for checking into your own personal situation. IF IN DOUBT, ASSUME WHAT YOU WANT TO INSTALL OR DO ON A BB CONNECTED TO A BES CAN BE VIEWED AND KNOWN BY YOUR ADMINISTRATOR. What could be accessed/logged/viewed by the BES System Admin includes, but may not limited to: • Corporate Email • Corporate PIM data including Address Book, Memo Pad and Tasks • Corporate calendar entries • Browser site history using the BlackBerry Browser o SPECIAL NOTE: If the Company utilizes a firewall, then the BB Browser will probably be controlled by the firewall. For example, if dating service sites are blocked in your office then they will also be blocked to the BB Browser o You can often get around this by changing the Default Browser Configuration to Internet Browser….Only if the option is available of course…..Options > Advanced Options > Browser > Default browser configuration > Change to Internet Browser > Save your changes • PIN messages • Phone call data, NOT the actual calls. No, they are not recording the calls, but they could see the date, time, numbers called, numbers received, length of call, etc. • Text message data including the actual messages, the times, dates, screen name sent to and the carriers involved • Blackberry Messenger data • All applications installed on the device including any IM apps, RSS feeds, games, etc. • The OS version installed on the BB. The Admin can tell if you upgraded from what had been originally installed • Don’t forget that the Admin may also have IT Policies installed, which can restrict many functions of the BB and that would include your personal device if you choose to connect to the BES server and it Is permitted. You could find yourself unable to install any add-on applications or certain apps. You may be forced to use a password to wake the device. You could even be told how “strong” a password has to be as well as how often it has to be changed. What a BES Admin can't see includes, but may not limited to: • BIS Email messages. However, keep in mind that the Admin can restrict use of BIS Email preventing you from being able to send it • Email using separate Email Apps such as the Gmail App • Browser site history using Internet Browser (see above) • Third-party IM messages such as AIM, MSN, Yahoo!, etc. Remember that the Admin will know you have the App installed though. The Admin can block your ability to even install these apps so they won’t have to worry about messaging if that is done Something I am not sure about: • Password Keeper data. As far as I understand it, the Admin cannot view any of the details as the data is encrypted. I believe that without the encryption key or password, NO ONE but you can view what you have stored • I believe that all the Admin can “see” is that you have information stored I hope this is of help and if there are any Admins in the audience and I have errors or omissions, please let me know so I can correct it and keep our members properly informed.