What's new in BlackBerry UEM Cloud Skip Navigation

What's new in BlackBerry UEM Cloud

Android

Limit app install
: On
Android Enterprise
devices with the “
Work and personal - full control
” activation type, you can limit the apps users can install using the “Allowed personal apps from
Google Play
” IT policy rule.
Android
zero-touch
: You can now connect to
Android
zero-touch enrollment configuration from the
BlackBerry UEM
management console.
Android
12
:
BlackBerry UEM
supports
Android
12.

iOS

iOS
15
:
BlackBerry UEM
supports
iOS
15.

Gatekeeping

BlackBerry Gatekeeping Service
: The
BlackBerry Gatekeeping Service
can now connect to
Active Directory
using
Microsoft
Modern Authentication.

Azure

Azure AD
Conditional Access
:
BlackBerry UEM
supports
Azure AD
Conditional Access.
BlackBerry UEM Client
with
BlackBerry Dynamics
-enabled or
BlackBerry Work
can access
Office 365
when conditional access is enabled.

BlackBerry Infrastructure

Regionalization
:
BlackBerry UEM
version 12.15 continues to build on the regionalization features that allow
BlackBerry Dynamics
traffic to use the
BlackBerry Infrastructure
instead of the
BlackBerry Dynamics
NOC by implementing the use of the
BlackBerry Infrastructure
for the push notification service. Regionalization of the push notification service requires
BlackBerry Dynamics SDK
version 10.0 or later. The regionalization features require
BlackBerry Dynamics
apps released in February 2020 or later. For custom
BlackBerry Dynamics
apps,
BlackBerry Dynamics SDK
7.0 or later is required.
The regionalization features are available only on new installations of
BlackBerry UEM
as of version 12.12. If you are upgrading
BlackBerry UEM
, contact
BlackBerry
Technical Support to enable these features.

New IT policy rules

For a list of all IT policy rules, refer to the Policy reference spreadsheet.
Device Type
Rule Name
Description
Activation Types
Android
-Global
Allow changing
Wi-Fi
networks
Specify whether the user can set up connections to
Wi-Fi
networks other than the one specified by the
Wi-Fi
profile.
This option is selected by default.
Work space only
,
Work space only
(Premium),
Work and personal - full control
,
Work and personal - full control
(Premium)
Android
- Personal profile
Allowed personal apps from
Google Play
Specify the apps that users can install from
Google Play
in the personal space. You can allow all apps from
Google Play
, block users from installing specified apps, or allow only specified apps to be installed. This rule does not block users from installing apps in the personal space using a method other than
Google Play
.
The default setting is "Allow all apps".
Work and personal - full control
,
Work and personal - full control
(Premium)
Android
- Personal profile
Personal apps
Specify the package IDs for the apps that you want to block or allow in the personal space. If you chose to block specified apps, users can't install the specified apps from
Google Play
. If you chose to allow only specified apps, users can install only the specified apps.
Work and personal - full control
,
Work and personal - full control
(Premium)
Android
- Work profile
Limit length of time work profile can be turned off
Specify whether users must turn on the work profile after a specified time limit to continue using the device. If the work profile is turned off longer than the specified time period, personal apps are disabled and the device displays a notification.
This option is not selected by default.
Work and personal - user privacy
,
Work and personal - user privacy
(Premium),
Work and personal - full control
,
Work and personal - full control
(Premium)
Android
- Work profile
Maximum off-time
Specify the maximum number of hours that the user can keep the work profile turned off.
The default is 259200 seconds (3 days).
Work and personal - user privacy
,
Work and personal - user privacy
(Premium),
Work and personal - full control
,
Work and personal - full control
(Premium)
iOS
Allow Apple Watch to unlock device
Specify whether users can unlock the device from a paired Apple Watch.
This option is selected by default.
MDM controls
iOS
Allow dictation to be sent to
Siri
servers
Specify whether the device can send dictation audio to
Siri
servers for the purpose of improving dictation results. If this rule is not selected, the device does not send dictation audio to Apple.
This option is selected by default.
MDM controls
iOS
Allow NFC (supervised only)
Specify whether a device can use NFC.
This option is selected by default.
MDM controls
iOS
Allow restart to recovery mode from untrusted host (supervised only)
Specify whether users can restart the device into recovery mode from any host computer. If this rule is not selected, the device can only be restarted into recovery mode from computers that the device has previously trusted.
This option is not selected by default.
MDM controls
iOS
Allow translation to be sent to Siri servers
Specify whether the device can send translation audio to
Siri
servers for the purpose of improving translation results. If this rule is not selected, the device does not send translation audio to Apple.
This option is selected by default.
MDM controls
iOS
Allow
Wi-Fi
connections only to specified networks (supervised only)
Specify whether devices can connect only to
Wi-Fi
networks specified by a
Wi-Fi
profile. If this rule is not selected, devices can connect to networks specified by the user.
This option is not selected by default.
MDM controls
iOS
Allow copy and paste between documents from managed and unmanaged sources
Specify whether copy and paste of content between documents from managed and unmanaged sources respects the settings for the "Allow documents from managed sources in unmanaged destinations" and "Allow documents from unmanaged sources in managed destinations" rules. For example, if this rule is selected, you can copy from an unmanaged source to a managed destination document, only if documents from unmanaged sources are allowed in managed destinations.
This option is selected by default.
MDM controls

BlackBerry Enterprise Mobility Server

Active Directory
password expiration warning message
: You can configure a warning message in users’ BlackBerry Work app when the
Active Directory
password is about to expire for
Active Directory
users and groups that use the PSO (Password Settings Object) method to set the maximum password age. This feature requires that a
BlackBerry Connectivity Node
and LDAP is installed and configured in your environment. This feature requires an updated
BlackBerry Work
app. An updated
BlackBerry Work
app will be released in the near future.