Manualshelf

User guide

ManualsBrandsBlackberry ManualsComputer equipmentENTERPRISE SOLUTION SECURITY - SECURITY FOR DEVICES WITH BLUETOOTH WIRELESS TECHNOLOGY - TECHNICAL
31323334353637383940
Using IT policy rules to manage BlackBerry Enterprise
Solution security
You can use IT policy rules to customize and control the actions that the BlackBerry Enterprise Solution can perform.
To use an IT policy rule on a BlackBerry device, you must verify that the BlackBerry Device Software version supports the IT
policy rule. For example, you cannot use the Disable Camera IT policy rule to control whether a BlackBerry device user can
access the camera on the device if the
BlackBerry Device Software version does not support the IT policy rule. For
information about the BlackBerry Device Software version that is required for a specific IT policy rule, see the BlackBerry
Enterprise Server Policy Reference Guide.
If you create a custom IT policy that does not permit users to change their user information on their devices, you can only
apply this custom IT policy to devices running BlackBerry Device Software 5.0 or later.
The BlackBerry Administration Service groups the IT policy rules by common properties or by application. Most IT policy
rules are designed so that you can assign them to multiple user accounts and groups.
Sending an IT policy over the wireless network
If your organization's environment includes C++ based BlackBerry devices that are running BlackBerry Device Software
version 2.5 or later or Java based devices that are running BlackBerry Device Software version 3.6 or later, the BlackBerry
Enterprise Server can send changes to IT policies to a device over the wireless network automatically. When the device
receives an updated IT policy or a new IT policy, the device, BlackBerry Desktop Software, and BlackBerry Web Desktop
Manager apply the configuration changes immediately.
By default, the BlackBerry Enterprise Server is designed to resend an IT policy to the device within a short period of time
after you update the IT policy using the
BlackBerry Administration Service. You can also resend an IT policy to a specific
device manually. You can configure the BlackBerry Enterprise Server to resend the IT policy to the device at scheduled
intervals regardless of whether you changed the IT policy.
Assigning IT policies and resolving IT policy conflicts
You can assign IT policies directly to a user account or to a group. By default, if you do not assign an IT policy to a user
account or a group that the user is a member of, the BlackBerry Enterprise Server applies the Default IT policy to the user
account. If you assign an IT policy to a group that a user account is a member of, the BlackBerry Enterprise Server applies
the group IT policy to the user account. If you assign an IT policy to the user account directly, the BlackBerry Enterprise
Server
applies this IT policy to the user account instead of the group IT policy or Default IT policy.
If a user account is a member of multiple groups that have different IT policies, the BlackBerry Enterprise Server must
determine which IT policy to apply to the user account. You must use one of the following reconciliation options:
Security Technical Overview Managing BlackBerry Enterprise Solution security
38