Blackberry Security Policy

Posted on 2011-05-04
Last Modified: 2012-05-11

I am curious to know if the BES can push password lockouts to users devices. so when the device goes to sleep, it requires a password to be accessed and not only when its turned on.

I want to use the BES to do this so that in the event a user disables this feature on their mobiel device, it will force the password lock to come back on.

it would require mandatory x number of characters for password rule as well.

can this be achieved?


Question by:Ancients
    LVL 14

    Assisted Solution

    by:Shabarinath Ramadasan
    Yes. You can achieve this directly through IT Security Policy.
    You have separate settings for Enforce Password, Time out value, Wrong password threshold etc.

    Create a new policy and assign few users to this policy to test it out before rolling out.
    You will get the full features available on features on the below link.

    Good luck
    LVL 25

    Accepted Solution


    The settings you require are as follows:

    Device Only Items

    Password Required: Yes
    Minimum Password Length: 6, 9 or whatever length you require
    User can disable password: No
    Maximum Security Timeout: 15 [minutes] (for example)
    Password Maximum Age: 30 days (for example) - make this consistent with your desktop policy
    User can change timeut: No
    Password Pattern Checks: suggest 2 (this can be used to enforce numbers, letters and special characters in the password)

    Password Policy Group

    Set Password Timeout: 15 mins (set this to the value of the maximum security timeout)
    Set Maximum Password attempts: 5 (for example)
    Suppress Password Echo: Yes
    Maximum Password History: 15

    Security Policy Group
    Force Lock When Holstered: Yes
    Resert to Factory Defaults on Wipe: Yes

    Hope this helps - please adjust settings as required.

    Happy to help further - please let me know.


    LVL 1

    Author Comment

    awesome and thanks.

    Ill give these ago on monday. but you are sure that means if a user can not disable the password on their device if I configure the above on the BES.

    thankss again.
    LVL 14

    Assisted Solution

    by:Mike Sullivan
    Hi Ancients,

    The policy setting mentioned by Rob which states 'Password Required: Yes' will enforce a password on any device attached to your BES. The users will not be able to disable this unless they wipe the device and reset it to factory defaults. As soon as they try to reconnect it to the BES, the password requirement will be enforced again.
    LVL 1

    Author Closing Comment

    Thanks Guys, ideas and reassurance with clear instructions all helped very much.

    RobM has provided good instructions for me :)

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    What Is Threat Intelligence?

    Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

    Having problems with your LG G3? Whether the front camera doesn’t work, the display doesn’t turn on, or your phone just doesn’t seem to be charging, you’ll be able to troubleshoot the issue with this step-by-step guide.  Phone doesn’t Charge It ta…
    Let Bitmoji into your life. Now is the time to learn a new language of smartphone messaging with this brief introduction.
    how to add IIS SMTP to handle application/Scanner relays into office 365.
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now