Skip Navigation

Managing devices with IT policies

You can use IT policies to manage the security and behavior of devices in your organization's
BlackBerry UEM
environment. An IT policy is a set of rules that you can use to control device features and functionality. For example, you can use IT policy rules to enforce password requirements, prevent the use of certain device features (for example, the camera), and control the availability of certain apps.
You can configure rules for all device types in the same IT policy. The device OS determines the features that can be controlled using IT policy rules. The device activation type determines which rules apply to a specific device and whether you can use rules to control the entire device or the work space only. Devices ignore IT policy rules that are not applicable.
Download the IT policy rules spreadsheet for a comprehensive reference of all available IT policy rules for each device type that
UEM
supports.
UEM
includes a default IT policy with preconfigured rules for each device type. You can change the default IT policy to meet your organization's needs. If no IT policy is assigned to a user account, a user group that a user belongs to, or a device group that a user's devices belong to,
UEM
sends the default IT policy to a user's devices.
UEM
automatically sends an IT policy to a device when a user activates it, when you update an assigned IT policy, or when a different IT policy is assigned to a user account or device.
UEM
assigns only one IT policy to a device and uses predefined rules to determine which IT policy to assign. An IT policy assigned directly to a user takes precedence over an IT policy that is assigned through user group membership. If a user is a member of multiple user groups with different IT policies, ranking is used to determined which IT policy to assign. If a user's device belongs to a device group, the IT policy assigned to the device group takes precedence over an IT policy that is assigned directly to the user. If the device belongs to multiple device groups with different IT policies, ranking is used to determined which IT policy to assign.