Infobox offers customization of IT policies on the hosting version of the BlackBerry Enterprise Server
Last year, Infobox launched a hosting version of the BlackBerry Enterprise Server . Thus, we began to offer this service not as a dedicated solution, drastically reducing capital expenditures for businesses that want to receive a combined corporate mail service based on Exchange 2010 and BlackBerry.
Like most new services that are just being introduced and are gaining popularity, our initial offer was unified. By providing the so-called core services of the BlackBerry Enterprise server , it could not provide the flexibility to use the entire enormous functionality of the product, which was expected by customers whose business demanded that the standard capabilities be adapted to their business objectives and business requirements.
Today we are ready to offer flexible customization of IT policies for each specific account, not limited to default policies. Thus, customers of the service will be able to more flexibly adapt the used service to their internal security standards.
')
What are IT policies on a BlackBerry Enterprise server ?
BlackBerry devices perform the function of a terminal on the service’s user’s network, so it’s important for IT administrators to be able to manage the BlackBerry solution in the same way that they manage other elements of the corporate infrastructure.
This is achieved relatively easily in the case of in-house hosting of a BlackBerry Enterprise server, but such a solution is available only to large enough companies due to the really large capital investments required at the service implementation stage.
The creators of BlackBerry - the company RIM provided for this. The BlackBerry Enterprise Server includes enough tools that help bring the management of the internal IT infrastructure and hosting service of the BlackBerry Enterprise Server to uniform standards.
Currently, BlackBerry Enterpise Server 5 provides the ability to use more than 500 IT policies, which are described in a special BlackBerry Enterprise Server Policy Reference Guide - 314 reading pages for true fans of BES :). With it, administrators can customize a default solution by creating a mobile solution that meets the best for the company security and efficiency.
Administrators are interested in managing and controlling applications that the end user can install and use, set password policies (yes, 'password123' is still a favorite of many, and the use of secure passwords is extremely important), turn on / off Bluetooth and much more.
Consider, for example, the question of user authentication. What password policy can be considered acceptable for BlackBerry users? Obvious parameters are the length and complexity of the password, as well as a ban on the use of passwords like the one mentioned above. Such a scenario is provided, and the service administrator can flexibly customize the policy for the necessary requirements.
Or, say, what about the ban on the use of third-party applications on smartphones? How to implement such a policy?
RIM has taken care of this as well, so administrators have about 10 scenarios available for implementing such a policy. After its application to the smartphone, no third-party applications can be downloaded and used on the device.
Other commonly requested policies include:
• What can you do to protect your BlackBerry smartphone from unauthorized access?
• What encryption rules can be applied to BlackBerry smartphone data?
Currently, every BlackBerry smartphone is assigned a default policy when it is activated, which was designed to provide a minimum level of security (the word "minimum" should not be misleading, because even the "minimum" is at a very high level of security standards with the BlackBerry Enterpirse Server ). RIM made it possible to expand the boundaries of these initial settings, and Infobox decided to provide this service, guided primarily by the desire to increase the attractiveness of the BlackBerry offer by using the full range of its capabilities that were previously available only with in-house hosting.
Deploying policies within a single account also does not seem to be a problem, because once created, a policy is easily applied to the right users. Its application becomes clear and transparent for the end user. All settings are applied to a smartphone without direct work with a single device, which, in the case of a significant number of users, significantly saves administrative time.
The real use of IT policies.
When entering this service, we were guided by the fact that some companies that have already implemented the BlackBerry Enterprise Server solution will want to get more from this service. Our assumption is based on queries that we have already seen. For example, some organizations wanted to open access to social networks for their employees. In a business-oriented application, this option is disabled by default, which is natural.
We are ready, if there is demand, to import existing policies for customers of the service (this may be especially relevant in the case of migration from an in-house server to a hosting solution).
Part of the new functions should look especially attractive for users of services, since it will literally optimize and improve every aspect of solution administration and reduce intervention in further stages of using the service. In order not to be unfounded I will give a few examples:
1. Auto backup of user data. The default value is every 7 days, respectively, there is a risk of data loss for up to 6 days. The value is adjustable and when set to a minimum (2 days) will minimize the potential damage.
2. Control over calls and SMS messages (restriction, prohibition).
3. The ability to adjust the time intervals, after which the device will be automatically locked (in the absence of activity on the smartphone).
4.Polol on the device with a given validity period.
5.Regulirovanie access to the Internet through the BlackBerry browser accessibility settings.
6. Absolute customization of available applications.
7. Opening or closing communication and positioning protocols (Bluetooth, Wi-Fi, GPS).
8. Turn on / off photo and video functions.
9. Limiting the storage time of messages on the device.
10. Possibility of centralized geolocation tracking of users.
11. Passwords with a specific pattern.
12. Enable / disable public messaging services such as ICQ, AIM, Google Talk and others.
13. And of course, remote cleaning of the device in case of its loss.
We expect to make these services available next month. Probably, the proposal will consist of several pre-defined policies with the most popular options (in addition to default) and the creation of fully custom policies for large customers.
Are there alternatives?
A solution comparable in functionality is Exchange ActiveSync policies. In most aspects, they provide equally flexible approaches to customizing options available on a device with ActiveSync support.
The total number of options available for the administrator to configure is not as significant and not as granular as in the case of the BlackBerry Enterprise server , but despite this, it allows you to maintain a fairly transparent centralized control of user devices.
We will definitely cover the ActiveSync policies in one of the following articles, as this topic is very interesting and may be useful for you.
We are by no means tuned to a holivar of the BES vs EAS type - the “sharpened” BES on the business made it a favorite a priori on the enterprise field and so far exclusively Apple-based devices in their spirit (we bring them because the real competitor to the RIM business tool can be only they) did not win the big love of business (comparable to the love for BlackBerry).
In what we currently see a certain advantage of BlackBerry Enterprise server policies over Exchange ActiveSync? The main problem of the last protocol (the problem of non-end users is the problem of unified standardization) is a host of devices from different manufacturers that either use the native protocol (Windows Mobile) or its licensed version (Apple, Palm, Nokia). The problem is that different implementations of the protocol by different vendors support different functions, and not one (except for Windows Mobile with certain reservations) does not support all of them. In addition, some protocol implementations (for example, Apple) caused very serious problems for the Exchange server (you can tell a lot here), and some were just non-working for some time (Palm WebOs update to 1.2). The recently released Windows Phone, by the way, also cannot boast support for all protocol functions.
We look forward to making these services available next month. Probably, the proposal will consist of several pre-defined policies with the most popular options (in addition to default) and the creation of fully custom policies for large customers.
As a company, we believe in the potential of a service, we see a growing demand for it and a business desire to use not only out-of-the-box solutions, but also to have the opportunity to fine-tune the service to suit its business processes and tasks.
Like most new services that are just being introduced and are gaining popularity, our initial offer was unified. By providing the so-called core services of the BlackBerry Enterprise server , it could not provide the flexibility to use the entire enormous functionality of the product, which was expected by customers whose business demanded that the standard capabilities be adapted to their business objectives and business requirements.
Today we are ready to offer flexible customization of IT policies for each specific account, not limited to default policies. Thus, customers of the service will be able to more flexibly adapt the used service to their internal security standards.
')
What are IT policies on a BlackBerry Enterprise server ?
BlackBerry devices perform the function of a terminal on the service’s user’s network, so it’s important for IT administrators to be able to manage the BlackBerry solution in the same way that they manage other elements of the corporate infrastructure.
This is achieved relatively easily in the case of in-house hosting of a BlackBerry Enterprise server, but such a solution is available only to large enough companies due to the really large capital investments required at the service implementation stage.
The creators of BlackBerry - the company RIM provided for this. The BlackBerry Enterprise Server includes enough tools that help bring the management of the internal IT infrastructure and hosting service of the BlackBerry Enterprise Server to uniform standards.
Currently, BlackBerry Enterpise Server 5 provides the ability to use more than 500 IT policies, which are described in a special BlackBerry Enterprise Server Policy Reference Guide - 314 reading pages for true fans of BES :). With it, administrators can customize a default solution by creating a mobile solution that meets the best for the company security and efficiency.
Administrators are interested in managing and controlling applications that the end user can install and use, set password policies (yes, 'password123' is still a favorite of many, and the use of secure passwords is extremely important), turn on / off Bluetooth and much more.
Consider, for example, the question of user authentication. What password policy can be considered acceptable for BlackBerry users? Obvious parameters are the length and complexity of the password, as well as a ban on the use of passwords like the one mentioned above. Such a scenario is provided, and the service administrator can flexibly customize the policy for the necessary requirements.
Or, say, what about the ban on the use of third-party applications on smartphones? How to implement such a policy?
RIM has taken care of this as well, so administrators have about 10 scenarios available for implementing such a policy. After its application to the smartphone, no third-party applications can be downloaded and used on the device.
Other commonly requested policies include:
• What can you do to protect your BlackBerry smartphone from unauthorized access?
• What encryption rules can be applied to BlackBerry smartphone data?
Currently, every BlackBerry smartphone is assigned a default policy when it is activated, which was designed to provide a minimum level of security (the word "minimum" should not be misleading, because even the "minimum" is at a very high level of security standards with the BlackBerry Enterpirse Server ). RIM made it possible to expand the boundaries of these initial settings, and Infobox decided to provide this service, guided primarily by the desire to increase the attractiveness of the BlackBerry offer by using the full range of its capabilities that were previously available only with in-house hosting.
Deploying policies within a single account also does not seem to be a problem, because once created, a policy is easily applied to the right users. Its application becomes clear and transparent for the end user. All settings are applied to a smartphone without direct work with a single device, which, in the case of a significant number of users, significantly saves administrative time.
The real use of IT policies.
When entering this service, we were guided by the fact that some companies that have already implemented the BlackBerry Enterprise Server solution will want to get more from this service. Our assumption is based on queries that we have already seen. For example, some organizations wanted to open access to social networks for their employees. In a business-oriented application, this option is disabled by default, which is natural.
We are ready, if there is demand, to import existing policies for customers of the service (this may be especially relevant in the case of migration from an in-house server to a hosting solution).
Part of the new functions should look especially attractive for users of services, since it will literally optimize and improve every aspect of solution administration and reduce intervention in further stages of using the service. In order not to be unfounded I will give a few examples:
1. Auto backup of user data. The default value is every 7 days, respectively, there is a risk of data loss for up to 6 days. The value is adjustable and when set to a minimum (2 days) will minimize the potential damage.
2. Control over calls and SMS messages (restriction, prohibition).
3. The ability to adjust the time intervals, after which the device will be automatically locked (in the absence of activity on the smartphone).
4.Polol on the device with a given validity period.
5.Regulirovanie access to the Internet through the BlackBerry browser accessibility settings.
6. Absolute customization of available applications.
7. Opening or closing communication and positioning protocols (Bluetooth, Wi-Fi, GPS).
8. Turn on / off photo and video functions.
9. Limiting the storage time of messages on the device.
10. Possibility of centralized geolocation tracking of users.
11. Passwords with a specific pattern.
12. Enable / disable public messaging services such as ICQ, AIM, Google Talk and others.
13. And of course, remote cleaning of the device in case of its loss.
We expect to make these services available next month. Probably, the proposal will consist of several pre-defined policies with the most popular options (in addition to default) and the creation of fully custom policies for large customers.
Are there alternatives?
A solution comparable in functionality is Exchange ActiveSync policies. In most aspects, they provide equally flexible approaches to customizing options available on a device with ActiveSync support.
The total number of options available for the administrator to configure is not as significant and not as granular as in the case of the BlackBerry Enterprise server , but despite this, it allows you to maintain a fairly transparent centralized control of user devices.
We will definitely cover the ActiveSync policies in one of the following articles, as this topic is very interesting and may be useful for you.
We are by no means tuned to a holivar of the BES vs EAS type - the “sharpened” BES on the business made it a favorite a priori on the enterprise field and so far exclusively Apple-based devices in their spirit (we bring them because the real competitor to the RIM business tool can be only they) did not win the big love of business (comparable to the love for BlackBerry).
In what we currently see a certain advantage of BlackBerry Enterprise server policies over Exchange ActiveSync? The main problem of the last protocol (the problem of non-end users is the problem of unified standardization) is a host of devices from different manufacturers that either use the native protocol (Windows Mobile) or its licensed version (Apple, Palm, Nokia). The problem is that different implementations of the protocol by different vendors support different functions, and not one (except for Windows Mobile with certain reservations) does not support all of them. In addition, some protocol implementations (for example, Apple) caused very serious problems for the Exchange server (you can tell a lot here), and some were just non-working for some time (Palm WebOs update to 1.2). The recently released Windows Phone, by the way, also cannot boast support for all protocol functions.
We look forward to making these services available next month. Probably, the proposal will consist of several pre-defined policies with the most popular options (in addition to default) and the creation of fully custom policies for large customers.
As a company, we believe in the potential of a service, we see a growing demand for it and a business desire to use not only out-of-the-box solutions, but also to have the opportunity to fine-tune the service to suit its business processes and tasks.
Source: https://habr.com/ru/post/116856/
All Articles