Administration Guide

Local Navigation

When a BlackBerry device overwrites data in the BlackBerry device memory

A BlackBerry® device continually runs the memory cleaner application during the Java® based garbage collection process to overwrite data in the BlackBerry device memory that the BlackBerry device no longer uses.

The BlackBerry device runs the garbage collection process when any of the following conditions exist:
  • You or a BlackBerry device user turns on content protection for the BlackBerry device.
  • An application uses the RIM® Cryptographic API to create a private key or symmetric key.
  • A third-party application turns on the garbage collection process by registering with the memory cleaner application on the BlackBerry device. The memory cleaner application instructs applications to empty caches and to free the BlackBerry device memory that is associated with sensitive application data that the applications no longer use.
  • A BlackBerry device user installs the S/MIME Support Package for BlackBerry® smartphones on the BlackBerry device.
  • A BlackBerry device user installs the PGP® Support Package for BlackBerry® smartphones on the BlackBerry device.

When the BlackBerry device runs the garbage collection process, the garbage collection process overwrites the data that the BlackBerry device no longer uses with zeroes, periodically runs the memory cleaner application, and overwrites the memory that the memory cleaner application frees.

Changing when a BlackBerry device cleans the BlackBerry device memory

By default, the memory cleaner application runs on a BlackBerry® device when the BlackBerry device is inactive for a specified period of time. You or a BlackBerry device user can change when the memory cleaner application runs when any the following conditions exist:
  • The BlackBerry device user synchronizes the BlackBerry device with a computer.
  • The BlackBerry device user locks the BlackBerry device.
  • The BlackBerry device locks after it is inactive for a specified period of time.
  • The BlackBerry device user changes the time or time zone on the BlackBerry device.

To change when the memory cleaner application runs, you can use IT policies or the BlackBerry device user can turn on or turn off the memory cleaner application in the Security options on the BlackBerry device.

You or the BlackBerry device user cannot turn off the memory cleaner application on the BlackBerry device if any of the following conditions exist:
  • You or the BlackBerry device user turns on content protection on the BlackBerry device.
  • An application uses the RIM® Cryptographic API to create a private key or symmetric key.
  • An application that registers with the memory cleaner application requires that memory cleaning application be turned on.
  • The BlackBerry device user installs the S/MIME Support Package for BlackBerry® smartphones on the BlackBerry device and a private key exists on the BlackBerry device.
  • The BlackBerry device user installs the PGP® Support Package for BlackBerry® smartphones on the BlackBerry device and a private key exists on the BlackBerry device.

If you or the BlackBerry device user turns on the memory cleaner application, Java® based garbage collection process uses the memory cleaner application automatically. The garbage collection process overwrites data that the BlackBerry device no longer uses.

For more information about the IT policy rules that you can use to change when the memory cleaner application runs, see the BlackBerry Enterprise Server Policy Reference Guide.

Back To Top

Best practice: Configuring additional memory cleaner settings for BlackBerry devices

Scenario Recommendation

Remove decrypted content from BlackBerry® device memory when the user holsters BlackBerry device.

Change the Force Memory Clean When Holstered IT policy rule to Yes.

Remove decrypted content from BlackBerry device memory when the BlackBerry device is idle.

Change the Force Memory Clean When Idle IT policy rule to Yes.

Start the memory cleaner after a specific amount of time has elapsed.

Set the Memory Cleaner Maximum Idle Time IT policy rule to the desired time (for example, 10 minutes).

For more information, see the BlackBerry Enterprise Server Policy Reference Guide and S/MIME Support Package User Guide Supplement.

Back To Top

Was this information helpful? Send us your comments.