Manualshelf

User guide

ManualsBrandsBlackberry ManualsComputer equipmentENTERPRISE SOLUTION SECURITY - SECURITY FOR DEVICES WITH BLUETOOTH WIRELESS TECHNOLOGY - TECHNICAL
51525354555657585960
data, you must configure the "Is access to the corporate data API allowed" application control policy rule. The device
checks this rule to determine which applications can access work data.
After you configure the Enable Separation of Work Content IT policy rule, the following events can occur:
the device and BlackBerry Enterprise Server do not synchronize personal organizer data
an application can determine whether it can access work data
after applications that can access work data register with the device, the applications can delete work data without
deleting personal data when the device notifies the applications that they must delete work data
To help a device determine which data is work data, you can provide the device with domain information for your
organization. You can specify a list of domain names, email address domains, and certificate server domains that are
specific to your organization in the Work Domains IT policy rule. For example, if a user sends an email message to a contact
that is not in the contact list on the device, the device can use the domain information in the Work Domains IT policy rule to
determine whether the contact is a work contact.
Data and applications that a device classifies for work
use
A BlackBerry device classifies the following data and applications for work use:
email messages and attachments that are sent to the BlackBerry device user's work email account and the email
messages and attachments that the user sends from the work email account
draft email messages that the user creates using their work email account
calendar entries that the user creates using their work calendar
contacts that the BlackBerry Enterprise Server synchronizes with the user's work email account
organizer data, such as tasks and memos
applications that you send to the device from a BlackBerry Enterprise Server, and that have the "Is access to the
corporate data API allowed" application control policy rule set to Allow
files that the user accesses and downloads from your organization's network using the Files application
files on media cards that are created by applications that can access work data (except for media applications)
The BlackBerry device classifies email addresses in the user's contact list as work email addresses using the domains that
you specify in the Work Domains IT policy rule.
After the device classifies data for work use, the user cannot reclassify the data for personal use. For example, if a user
selects a work email account in the Send Using field of a draft email message and starts typing a message in the body, the
user cannot change the selected work email account to a personal email account. However, the user can reclassify
personal data as work data. For example, if the user selects a personal email account in the Send Using field of a draft
email message, the user can change the selected personal email account to a work email account even after they start
typing a message in the body of the email.
Security Technical Overview Securing devices in your organization’s environment for personal use and work use
55