Security Technical Overview

Local Navigation

Managing third-party applications on a device that a user uses for personal purposes

By default, a BlackBerry® device classifies all third-party applications as work applications that can access work data.

After you set the Enable Separation of Work Content IT policy rule to Yes, if you do not want specific third-party applications to access work data such as work contacts, you can consider performing any of the following actions:

  • Create a software configuration for all unlisted applications and set the "Is access to the corporate data API allowed" application control policy rule to Deny. This prevents all third-party applications from accessing work data. If you want to allow specific third-party applications to access work data, you can create a software configuration that allows only third-party applications that you specify to access work data.
  • Create a software configuration for each application that you want to prevent from accessing work data and set the "Is access to the corporate data API allowed" application control policy rule to Deny. This prevents third-party applications that you specify from accessing work data and allows all third-party applications that you do not specify to access work data.
  • Create a software configuration and set the disposition for unlisted applications to Disallowed. This prevents a BlackBerry device user from installing any third-party applications on the device that you did not specifically list in the software configuration.
  • Create a software configuration that lists specific applications and set the disposition to Disallowed. This prevents a user from installing the third-party applications that you listed in the software configuration.

For more information, see the BlackBerry Enterprise Server Administration Guide.


Was this information helpful? Send us your comments.