Installation guide

ManualsBrandsBlackberry ManualsComputer equipmentENTERPRISE SOLUTION SECURITY - SECURITY FOR DEVICES WITH BLUETOOTH WIRELESS TECHNOLOGY - TECHNICAL

BlackBerry Enterprise Solution Security

Protecting lost, stolen, or replaced BlackBerry devices 42

BlackBerry Enterprise Solution

security method

Description

using application control policy

rules

The BlackBerry Enterprise Server application control policy rules are

designed to enable you to permit or prevent the installation of specific

third-party applications on the BlackBerry device and to limit the

permissions of third-party applications that have obtained a digital

signature from RIM’s signing authority system, including

• which resources (for example, email, phone, and BlackBerry device

key store) third-party applications can access on the BlackBerry

device

• the types of connections that a third-party application running on

the BlackBerry device can establish (for example, local connections,

internal connections, and external connections,)

• whether or not an application can access the user authenticator

framework API, which permits the registration of drivers to provide

two factor authentication to unlock the BlackBerry device

For example, to permit users in your organization to use a trusted

application to send and receive data from internal servers, permit the

trusted application to make internal connections but prevent all other

third-party applications from making internal connections.

You can also set application policy rules for user groups (for example,

permit an application to access internal servers for a small subset of

trusted users only).

Protecting lost, stolen, or replaced BlackBerry devices

You control BlackBerry devices remotely to immediately protect confidential enterprise information using IT

Admin commands.

IT Admin command Description

Set a Password and

Lock the Device

Use this command to create a new password and lock a lost BlackBerry device

remotely. You can then verbally communicate the new password to the user when

they locate their BlackBerry device. When the user unlocks the BlackBerry device,

the BlackBerry device prompts the user to accept or reject the new password

change.

Note: If a user forgets the password for a BlackBerry device on which content

protection is turned on, do not use the Set a Password and Lock the Device

command to reset the password remotely. If you reset the user’s password remotely,

the content-protected BlackBerry device prompts the user to type the BlackBerry

device password, which they have forgotten, before they type a new password

because content protection uses the password to encrypt the content protection

key.

Erase Data and

Disable Device

Use this command to remotely erase all user information and application data that

the BlackBerry device stores.

You can use this command to prepare a BlackBerry device for transfer between

users in your organization.