Bes and application permissions

anything I don't mind · 1 May 2012 at 12:32

I just received a new blackberry, first time i have used a device, although i have been supporting them and the BES for 5 years+ I have never used one before.

I installed some 3rd party applications and they keep prompting for permissions changes everytime i run the application. I looked in to it and it appears that the "allow" option is not available due to my BES it policy.

Where in the BES can i change this policy so that the allow option is available for 3rd party applications?

I asked the sysadmin of our work network and he said that it is the way blackberry are on the BES as such you can't install 3rd party applications without continuous annoying prompts.

I read up further and it said the way around this is to deploy applications from the BES to the devices.

Is there anyway to bypass the IT policy and set the allow permission, is the office sysadmin lying and you can actually change the permissions on the BES?

If this is the way it has been designed then it is no wonder rim are having problems, realy poorly designed security model.

kefkef · 1 May 2012 at 13:13

Not having done BES, but having used one and managed the team, can they not just set up another policy that allows apps to be installed? It must be possible in some way as i couldnt install apps on my BB, kept saying IT policy wouldnt allow it, told my BES admin to sort it and a day later i could install apps (but other users were still restricted)!

anything I don't mind · 1 May 2012 at 13:26

Ok thanks, yea I have looked through the BES here and i can find application permissions but nothing specifically for 3rd party applications.

I doubt the guy would change it any way. But if i knew exactly where the option was that might help my case.

J.B · 1 May 2012 at 13:36

It is an option on the BES IT Policy. Im pretty sure you can change this on the policy and have devices install their own apps although it is not good security practise. Alternatively you can do as your admin has said and deploy them via the BES.

I couldn't tell you exactly where the option is but it is definitely in the policy somewhere.

It's actually quite a good security model for a corporate environment. Much better than the alternative

anything I don't mind · 1 May 2012 at 14:38

The alternative is too allow uses to install applications and give them permission to work?

The problem is that the applications should not have ability to do anything that would warrant not allowing applications to be allowed.

It makes no sense at the moment anyway because i can install the applications and use them, i just get an annoying prompt every time i open them. Whats the point in that ?

Not such a big deal ill just have to not use the applications that have annoying prompts, not all of them do.

kefkef · 1 May 2012 at 15:57

Spoke to our guy. He copied the standard IT policy (renaming it to Test_Dev) and enabled the 'allow software download/installation' so there were two policies that can be applied to the handsets, all standard users are in the original policy and the Test_Dev policy is applied to IT handsets so they can install any app they want.