Table of Contents
Advertisement
BlackBerry Enterprise Solution
•
create a DoS to make your network unusable
•
access your organization's network using your organization's BlackBerry devices
By default, Java based BlackBerry devices can download any third-party application over the wireless network
using the BlackBerry Browser. The BlackBerry Enterprise Server administrator can also send third-party
applications to BlackBerry devices over the wireless network, and install them on BlackBerry devices
automatically. The BlackBerry Enterprise Solution includes tools designed to enable the BlackBerry Enterprise
Server administrator to control the manual or automatic installation of third-party applications and limit the
access of untrusted applications to the BlackBerry device and its resources to help contain malware attacks on
the BlackBerry device.
On computers, malware prevention requires processes that both detect and contain malware attacks. Detection
is the process of determining whether or not an application is malware. Effective malware detection requires a
comprehensive and frequently-updated local database or a constant connection to a similarly qualified online
database. While computers might have access to these databases, current mobile devices do not have enough
storage space for a malware database and cannot guarantee a constant connection to the Internet.
The BlackBerry Enterprise Solution is designed to use IT policies, application control policies, and code signing to
contain malware by controlling third-party application access to the BlackBerry device resources and
applications. These containment methods are designed to prevent malware that might gain access to the
BlackBerry device from causing damage to the BlackBerry device, its applications and its data, or your
organization's network.
For more information, see Protecting the BlackBerry Device Platform Against Malware.
Using IT policy rules to contain malware on the BlackBerry device
The BlackBerry Enterprise Server Version 4.1 SP2 or later includes IT policy rules that are designed to enable the
BlackBerry Enterprise Server administrator to
•
prevent BlackBerry devices from downloading third-party applications over the wireless network
•
specify whether or not applications, including third-party applications, on the BlackBerry device can initiate
specific types of connections
Note: The BlackBerry Enterprise Server administrator cannot use an IT policy to permit or prevent downloading
specific applications on the BlackBerry device. The BlackBerry Enterprise Server administrator can do this using
one or more application control policies.
Using application control policy rules to contain malware on the BlackBerry device
The BlackBerry Enterprise Server application control policy rules are designed to let the BlackBerry Enterprise
Server administrator allow or prevent the installation of specific third-party applications on the BlackBerry
device and to limit the permissions of third-party applications, including
•
the resources (for example, email, phone, and BlackBerry device key store) that third-party applications can
access on the BlackBerry device
•
the types of connections that a third-party application running on the BlackBerry device can establish (for
example, local, internal, and external connections)
•
whether or not an application can access the user authenticator framework API, which permits the
registration of drivers to provide two-factor authentication to unlock the BlackBerry device
For example, to control connections to your internal servers from third-party applications on the BlackBerry
device, the BlackBerry Enterprise Server administrator can create an application control policy that prevents the
application to which it is assigned from making internal connections. When the BlackBerry Enterprise Server
administrator applies the application control policy to a software configuration for a user or one or more user
groups, those BlackBerry device users might not be able to use the full functionality of any third-party
application to which the BlackBerry Enterprise Server administrator assigns the application control policy to
send and receive data from internal servers. When the BlackBerry Enterprise Server administrator sets
www.blackberry.com
59
Advertisement
Table of Contents
Related Manuals for Blackberry ENTERPRISE SOLUTION SECURITY - ENTERPRISE SOLUTION - SECURITY TECHNICAL
Related Products for Blackberry ENTERPRISE SOLUTION SECURITY - ENTERPRISE SOLUTION - SECURITY TECHNICAL
- BLACKBERRY ENTERPRISE SOLUTION SECURITY - ENFORCING ENCRYPTION OF INTERNAL AND EXTERNAL FILE SYSTEMS ON DEVICES
- BLACKBERRY ENTERPRISE SOLUTION SECURITY - ERASING FILE SYSTEMS ON DEVICES - TECHNICAL
- BLACKBERRY ENTERPRISE SOLUTION SECURITY - SECURITY FOR DEVICES WITH BLUETOOTH WIRELESS TECHNOLOGY - TECHNICAL
- BLACKBERRY ENTERPRISE SOLUTION SECURITY - - ACRONYM GLOSSARY
- Blackberry ENTERPRISE SOLUTION ENFORCING
- Blackberry ENTERPRISE SOLUTION ERASING FI
- Blackberry ENTERPRISE SOLUTION DEVICES TE
- Blackberry Enterprise Solution Security
- Blackberry Enterprise Server For MDS
- Blackberry Enterprise Server Server Resource Kit
- Blackberry Enterprise Server Express
- BLACKBERRY ENHANCED GOOGLE MAIL PLUG IN - LEARN MORE
- Blackberry Enhanced Google Mail Plug-in
- BLACKBERRY EBAY - LEARN MORE
- Blackberry eBay
- BLACKBERRY ENTERPRISE SERVER FOR IBM LOTUS DOMINO - - TECHNICAL NOTE FOR JAPANESE ENVIRONMENTS