BlackBerry BES 12.5.x STIG Ver 1, Rel 3 Checklist Details (Checklist Revisions)

Checklist Highlights

Checklist Name:
BlackBerry BES 12.5.x STIG
Checklist ID:
Ver 1, Rel 3
Review Status:
Governmental Authority: Defense Information Systems Agency
Original Publication Date:

Checklist Summary:

The BlackBerry BES (BlackBerry Enterprise Service) 12.5.x Mobile Device Manager (MDM) Security Technical Implementation Guide (STIG) provides security policy and configuration requirements for the use of the BlackBerry Enterprise Service (BES) 12.5.x platform to provide administrative management of mobile devices in the Department of Defense (DoD). This STIG applies to version 12.5.x of the BES. The scope of this STIG includes BlackBerry OS 10.3.x and 7.x smartphones covered in the BlackBerry OS 10.3.x STIG and the BlackBerry OS 7.x STIG. Authorizing Officials (AO) can contact DISA at to obtain current information regarding the capability of the BES 12.5.x to manage STIG-required MDM controls for iOS, Android, and Windows mobile devices. Note: In STIG requirement statements, the terms MDM server and MDM platform are used. MDM server refers to the MDM application server product, while MDM platform refers to the host server that the MDM server is installed on (for example, Windows Server 2012).

Checklist Role:

  • Desktop or Mobile Client

Known Issues:

Not provided.

Target Audience:

This document is a requirement for all DoD-administered systems and all systems connected to DoD networks. These requirements are designed to assist Information Assurance Managers (IAMs), Information Assurance Officers (IAOs), and System Administrators (SAs) with configuring and maintaining security controls. This guidance supports DoD system design, development, implementation, certification, and accreditation efforts.

Target Operational Environment:

  • Managed
  • Specialized Security-Limited Functionality (SSLF)

Testing Information:

BlackBerry virus protection features have been tested by National Security Agency (NSA) and DISA and were approved by the Defense Information System Network (DISN) Security Accreditation Working Group (DSAWG) in 2006 as meeting DoD security requirements when the initial release of this Checklist was approved.

Regulatory Compliance:

DoD Directive (DoDD) 8500.1


Not provided.


Not provided.

Product Support:

Not provided.

Point of Contact:

Comments or proposed revisions to this document should be sent via email to the following address:


Not provided.


Not provided.

Change History:

updated to FINAL - 12/07/2016
Updated URL to reflect change to the DISA website - http --> https
moved to archive status - 4/15/19
Updated URLs - 6/5/19
Updated URLs - 9/11/19


URL Description


Reference URL Description

NIST checklist record last modified on 09/11/2019