How a device classifies what data and applications are for work use or personal use
To control what happens to your organization’s data and applications on a BlackBerry® device, you can configure a device to distinguish between data and applications that are for personal use and data and applications that are for work use. You must set the Enable Separation of Work Content IT policy rule to Yes before the device can distinguish between work data and personal data.
By default, after you configure the Enable Separation of Work Content IT policy rule, core applications can access work data, personal data, or both. For example, the email application can access both work data and personal data because a BlackBerry device user can use the email application to manage the work email account and personal email accounts. To determine whether a third-party application or an add-on application developed by Research In Motion® can access work data, you must configure the "Is access to the corporate data API allowed" application control policy rule. The device checks this rule to determine which applications can access work data.
- the device and BlackBerry® Enterprise Server do not synchronize personal organizer data
- an application can determine whether it can access work data
- after applications that can access work data register with the device, the applications can delete work data without deleting personal data when the device notifies the applications that they must delete work data
To help a device determine which data is work data, you can provide the device with domain information for your organization. You can specify a list of domain names, email address domains, and certificate server domains that are specific to your organization in the Work Domains IT policy rule. For example, if a user sends an email message to a contact that is not in the contact list on the device, the device can use the domain information in the Work Domains IT policy rule to determine whether the contact is a work contact.