User guide
Using IT administration commands to protect a lost or stolen device................................................................................... 42
Data flow: Sending the Specify new device password and lock device IT administration command when content
protection is turned on ................................................................................................................................................43
Managing device access to the BlackBerry Enterprise Server..............................................................................................44
Using a segmented network to help prevent the spread of malware.....................................................................................45
Moving a device to a BlackBerry Enterprise Server that uses a different BlackBerry Configuration Database ....................... 45
Configuring the IT Policy Viewer icon on a device................................................................................................................ 46
6 Device storage space .....................................................................................................................47
Changing when a device cleans the device memory ........................................................................................................... 48
When a device overwrites data in the device memory..........................................................................................................49
Deleting all device data from the device storage space .......................................................................................................49
When a device deletes all device data..........................................................................................................................50
Using IT policy rules to specify when a device must delete device data ........................................................................ 50
Resetting a device to factory default settings ...............................................................................................................51
Data flow: Deleting all device data from a device ......................................................................................................... 51
Scrubbing the memory of a device when deleting all device data.........................................................................................52
Scrubbing the device heap in RAM when deleting all device data ................................................................................ 52
Scrubbing the flash memory on a device when deleting all device data ........................................................................ 53
Scrubbing the user files on a device when deleting all device data ............................................................................... 53
7 Securing devices in your organization’s environment for personal use and work use.........................54
How a device classifies what data and applications are for work use or personal use............................................................54
Data and applications that a device classifies for work use........................................................................................... 55
Data and applications that a device classifies for personal use..................................................................................... 56
Preventing a user from compromising work data on a device...............................................................................................56
Preventing a user from pasting work data into a personal application............................................................................57
Preventing a user from forwarding work data using personal channels..........................................................................57
Prevent a user from using the work contact list in personal email accounts and personal calendars.............................. 58
Controlling the browsing traffic in the BlackBerry Browser............................................................................................58
Preventing a user from backing up work data that is stored on a device........................................................................ 58
Protecting work data on a media card..........................................................................................................................59
Deleting only work data from a device.................................................................................................................................59
Data flow: Deleting only work data from a device ......................................................................................................... 61
Managing third-party applications on a smartphone that a user uses for personal purposes.................................................62
Managing add-on applications on a device that a user uses for personal purposes...............................................................62
IT policy rules that apply to devices that users use for personal purposes............................................................................ 63
8
Protecting data on a device.............................................................................................................64
Encrypting user data on a locked device.............................................................................................................................64
Configuring the encryption of device data on a locked device ...................................................................................... 64
Data flow: Encrypting user data on a locked device...................................................................................................... 65
Data flow: Decrypting user data on an unlocked device................................................................................................65