Administration Guide

Local Navigation

Preconfigured IT policies

The BlackBerry® Enterprise Server includes the following preconfigured IT policies that you can change to create IT policies that meet the requirements of your organization.

Preconfigured IT policy

Description

Default

This policy includes all the standard IT policy rules that are set on the BlackBerry Enterprise Server.

Individual-Liable Devices

Similar to the Default IT policy, this policy prevents BlackBerry device users from accessing organizer data from within the social networking applications on their BlackBerry devices.

This policy permits users to access their personal calendar services and email messaging services (for example, their BlackBerry® Internet Service accounts), update the BlackBerry® Device Software using methods that exist outside your organization, make calls when devices are locked, and cut, copy, and paste text. Users cannot forward email messages from one email messaging service to another.

You can use the Individual-Liable Devices IT policy if your organization includes users who purchase their own devices and connect the devices to a BlackBerry Enterprise Server instance in your organization's environment.

Basic Password Security

Similar to the Default IT policy, this policy also requires a basic password that users can use to unlock their devices. Users must change the passwords regularly. The IT policy includes a password timeout that locks devices.

Medium Password Security

Similar to the Default IT policy, this policy also requires a complex password that users can use to unlock their devices. Users must change the passwords regularly. This policy includes a maximum password history and turns off Bluetooth® technology on devices.

Medium Security with No 3rd Party Applications

Similar to the Medium Password Security, this policy requires a complex password that a user must change frequently, a security timeout, and a maximum password history. This policy prevents users from making their devices discoverable by other Bluetooth enabled devices and prevents devices from downloading third-party applications.

Advanced Security

Similar to the Default IT policy, this IT policy also requires a complex password that users must change frequently, a password timeout that locks devices, and a maximum password history. This policy restricts Bluetooth technology on devices, turns on strong content protection, turns off USB mass storage, and requires devices to encrypt external file systems.

Advanced Security with No 3rd Party Applications

Similar to the Advanced Security IT policy, this IT policy requires a complex password that users must change frequently, a password timeout that locks devices, and a maximum password history. This policy restricts Bluetooth technology on devices, turns on strong content protection, turns off USB mass storage, requires devices to encrypt external file systems, and prevents devices from downloading third-party applications.

Default values for preconfigured IT policies

You can configure additional IT policy rules in the preconfigured IT policies or change any of the following values:

IT policy rule

Default IT policy

Individual-Liable Device IT policy

Basic Password Security IT policy

Medium Password Security IT policy

Medium Password Security with No 3rd Party Applications IT policy

Advanced Security IT policy

Advanced Security with No 3rd Party Applications IT policy

Device-Only Items

Enable Long-Term Timeout

Yes

Yes

Yes

Yes

Maximum Security Timeout

30 minutes

10 minutes

10 minutes

10 minutes

10 minutes

Maximum Password Age

60 days

30 days

30 days

30 days

30 days

Password Pattern Checks

no restriction

no restriction

at least 1 alpha and 1 numeric character

at least 1 alpha and 1 numeric character

at least 1 alpha and 1 numeric character

at least 1 alpha and 1 numeric character

Password Required

No

Yes

Yes

Yes

Yes

Yes

User Can Change Timeout

Yes

Yes

Yes

Yes

Yes

Yes

User Can Disable Password

Yes

No

No

No

No

No

Password policy group

Maximum Password History

6

6

6

6

RIM Value-Added Applications policy group

Disable Organizer Data Access for Social Networking Applications

Yes

Yes

Security policy group

Allow Outgoing Call When Locked

No

Yes

Content Protection Strength

Strong

Strong

Disable Cut/Copy/Paste

No

No

Disable Forwarding Between Services

No

Yes

Disable USB Mass Storage

No

Yes

Yes

Disallow Third Party Application Download

No

Yes

Yes

External File System Encryption level

Not required

Encrypt to user password (excluding multimedia directories)

Encrypt to user password (excluding multimedia directories)

Force Lock When Holstered

No

Yes

Yes

Yes

Yes

Reset to Factory Defaults on Wipe

No

Yes

Service Exclusivity policy group

Allow Other Calendar Services

Yes

Yes

Allow Other Message Services

Yes

Yes

Bluetooth® policy group

Disable Address Book Transfer

No

Yes

Yes

Disable Discoverable Mode

No

Yes

Yes

Yes

Yes

Disable File Transfer

No

Yes

Yes

Disable Serial Port Profile

No

Yes

Yes

Require LED Connection Indicator

No

Yes

Yes

Wi-Fi® policy group

Wi-Fi Allow Handheld Changes

Yes

No

No

No

No

No

Wireless Software Upgrades policy group

Allow Non Enterprise Upgrade

No

Yes

Back To Top

Was this information helpful? Send us your comments.