Software configuration is what your looking for: http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB05392&sliceId=1&docTypeID=DT_SUPPORTISSUE_1_1&dialogID=80569127&stateId=wrong%20Id
http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB11396&sliceId=2&docTypeID=DT_SUPPORTISSUE_1_1&dialogID=80569127&stateId=wrong%20Id Colin On Tue, Apr 28, 2009 at 2:17 PM, Jade Purdie/Tomkins <[email protected]> wrote: > > Software Control Policies are what you need. Have a look at this > http://www.blackberry.com//btsc/dynamickc.do?cmd=show&forward=nonthreadedKC&docType=kc&externalId=KB05392&sliceId=1 > > Best regards > > Jade Purdie | Tomkins plc > Senior ICT Analyst, MIS Department > [email protected] | direct tel: +44 (0)20 8877 5105 | blackberry: +44 > (0)7834 4321 29 > > > Jonathan Barker <[email protected]> > Sent by: [email protected] > > 28/04/2009 19:13 > > Please respond to > "A list for BES Admin's to discuss issues, etc." > <[email protected]> > To > "A list for BES Admin's to discuss issues, etc." > <[email protected]> > cc > Subject > [Bes-admins] Question about application control and securing the > blackberry > > > > > We recently performed a security audit and discovered that our Blackberry is > a weak point. Blackberry applications exist that can forward data to an > outside source without the user’s knowledge. > > I’m testing options to lock down our devices. I found an IT Policy setting > which requires the user to enter their password to install an application, > which would prevent someone from snatching a device off the table and > loading an app OTA. I’d also like to have the option of locking down the > device completely, so no apps can be installed, and then possibly the option > of locking down the device so that only apps I OK on the BES are allowed to > be installed, but at the user’s request. > > My 1st question is how can I prevent all applications from being installed? > I looked in IT Policy and found only a setting that prevents non-RIM signed > apps (Under Security Policy Group -> Disallow 3rd party application > download). Is there something that locks it down even further? > > 2nd question – Is there a way to whitelist applications? Ideally i’d like > to put the app on the BES and have BES scan and allow that application. I > don’t want it to install, but rather just say it’s OK if someone else > installs it._______________________________________________ > Bes-Admins mailing list > [email protected] > http://www.dataoutages.com/mailman/listinfo/bes-admins > http://www.dataoutages.com > RSS Feed: http://feeds.feedburner.com/Bes-admins > --------------------------------- > Bes-Admins mailing list is Sponsored by Port3101.org : Your BES Connection. > http://www.dataoutages.com/3101 > > > _______________________________________________ > Bes-Admins mailing list > [email protected] > http://www.dataoutages.com/mailman/listinfo/bes-admins > http://www.dataoutages.com > RSS Feed: http://feeds.feedburner.com/Bes-admins > --------------------------------- > Bes-Admins mailing list is Sponsored by Port3101.org : Your BES Connection. > http://www.dataoutages.com/3101 > > -- Colin Falkinburg _______________________________________________ Bes-Admins mailing list [email protected] http://www.dataoutages.com/mailman/listinfo/bes-admins http://www.dataoutages.com RSS Feed: http://feeds.feedburner.com/Bes-admins --------------------------------- Bes-Admins mailing list is Sponsored by Port3101.org : Your BES Connection. http://www.dataoutages.com/3101
