BlackBerry Forums Support Community

BlackBerry Forums Support Community (http://www.blackberryforums.com/)
-   General BlackBerry Discussion (http://www.blackberryforums.com/general-blackberry-discussion/)
-   -   Blocking software install.. (http://www.blackberryforums.com/general-blackberry-discussion/12096-blocking-software-install.html)

shortyroc 07-17-2005 10:16 PM

Blocking software install..
 
Is there any way to block software from being installed on the blackberry??? my boss is trying to close a deal and the only thing stopping the company is that they dont want there employees installing anything that might mess anything up... And the tech dept. doesnt want to deal with with people doing something stupid... we all know how stupid people can be.

blackberrycat 07-18-2005 12:21 AM

My take on employers treating the people they employ as "stupid people" must be "stupid" themselves. My wife's company bought each employee an expensive IBM notebook and locked up the installation of softwares, and if that's not enough they also set the security for the emails so high most of the employees couldn't use emails reliably. So, what do you think the workers do to the expensive notebooks. You're right! Most of them just stopped using them except for paper weights? The moral here is "let them explore and soon the creativity juice will flow". just my 2 cents worth...

Soapm 07-18-2005 01:48 AM

Wow, another non-IT guy on the forum.

jibi 07-18-2005 02:23 AM

Quote:

Originally Posted by shortyroc
Is there any way to block software from being installed on the blackberry??? my boss is trying to close a deal and the only thing stopping the company is that they dont want there employees installing anything that might mess anything up... And the tech dept. doesnt want to deal with with people doing something stupid... we all know how stupid people can be.

if the users are on a BES, then software installations can be blocked - wired and over-the-air - via IT Policy. here is a screenshot of the entire IT Policy configuration options for Exchange BES:

http://www.blackberryforums.com/atta...tachmentid=183

if you want more information, you can download the Administation Guide for BES in the Product Documentation section of RIM's BlackBerry support site. it has details on each option.

Mr Pink57 07-18-2005 03:34 AM

Wirelessly posted (your electric?: MOT-A-2B/03.02 UP.Browser/4.1.27a1 UP.Link/5.1.2.12)

Sorry but that sounds like a lazy IT department. My question is then what do they do? No offense to you man but what the previous poster stated is correct. They will become paperweights. pink

NJBlackBerry 07-18-2005 07:14 AM

THere are many cases where locking down BlackBerrys, like locking down desktops, makes a great deal of sense. If you have hundreds or thousands of BBs globally, you must provide a stable and secure device. It makes sense to lock them down - do you want an auditor or lawyer (just picking on them) loading up v4.0.2.8.1 of the handheld OS when that may break a corporate supplied application?

Sometimes the bigger picture - corporate and global - needs to take a front seat to individual wants.

It's not lazy - it's survival. Thousands of BBs and only a handful of BB administrators.

dionforeman 03-03-2006 12:25 PM

a-lot of it is gov't mandated. i work for a bank and the gov't mandates an absolute secure nw. if our nw is compromised by some stupid user downloading sw/worm/virus, then the entire company is at risk.

kelvin 03-03-2006 12:49 PM

From a non IT guy perspective - I recently discovered that our units were locked down. Of our install pool (maybe 200+), we have only a few people who have internet access. I was approved for access and approved to try out the Nextel Telenav system. After going to the website, I found I was unable to download. A quick call to the BES admin and we found how locked down we were. While I agree with NJ and jibi to a point on security, in my case (with a restricted internet access pool - and they do not have BB Desktop installed on any of the systems), I think the security goes a little too far sometimes.

d_fisher 03-03-2006 01:00 PM

Security policies are always a fine line between security and usablility. You can have the most secure network/devices in the world, but user productivity will be horrible. Some companies are more security oriented than others. And what most end-users dont understand, is that a lot of the security is there to protect them from themselves.

earth 03-03-2006 01:14 PM

we use locked down user workstations and laptops. Anyone who doesn't understand why that needs to be done doesn't understand how much work IT actually does. For example, every once in a while someone (usually exec) will get a favourable preference and get a different policy than the rest (similar to IT) so then we have users that don't know how to use their computers downloading everything from toolbars, to spyware, to virus'. Granted, a lot of crap lately seems to install through backdoors but locking down PCs is far more economical from a business standpoint than paying and IT employee to go and run virus + spyware removal tools for 2 hours every month.

And as another aside, it's mean and generalizing, but a lot of employees outside of IT are quite dumb when it comes to computers. There's nothing wrong with that, but it can be dangerous from a security standpoint to allow people open desktops that can be compromised.

KonTiki 03-03-2006 01:17 PM

There is a way around all the security, Buy your own BB and use it any way you feel like it. Only do not complain when you cannot get emails from the office or wireless synch, or better yet, any support from them "IT GUYS", geez, go figure.

ebgreen 03-03-2006 01:22 PM

I don't even care about the security aspect of locking the devices down (well I do but not as much as other concerns because BBs are relatively secure out of the box). Every time that you install software on you BB you make it subtly different from someone else's. We have 2500 BB users. Supporting and troubleshooting problems in 2500 subtly different environments would be a nightmare. Another item to consider is the legality of installing the software on a corporate device in the first place. Many license agreements (if the user bothers to read them in the first place) put restrictions on the use of software in a corporate environment that are different from the requirements for an individual user. All software that is installed in our environment must be reviewed by our security team( is it safe), our desktop management team (does it play well in our environment), our legal team (is there wording in the license agreement that could result in litigation against us), and our software compliance team (have we properly purchased the correct licensing and can we prove it).

tsac 03-05-2006 01:25 PM

If everything worked without problems and no one ever fooled with the computer or BB they were given.... The companys would just buy from the vendors and never need an IT department.
complain about the users and the users will by pass IT every time. how long before the company reduces IT staff if nothing breaks.
Let em play, more work for me and you.


just a thought

Soapm 03-05-2006 06:59 PM

Quote:

Originally Posted by earth
Granted, a lot of crap lately seems to install through backdoors but locking down PCs is far more economical from a business standpoint than paying and IT employee to go and run virus + spyware removal tools for 2 hours every month.

And as another aside, it's mean and generalizing, but a lot of employees outside of IT are quite dumb when it comes to computers. There's nothing wrong with that, but it can be dangerous from a security standpoint to allow people open desktops that can be compromised.

Contrary and I agree with d_fisher that a happy medium has to be met or IT can be viewed just as dumb. It's the easy way out for IT to lock everything down, then when their is a breach they can say it's not their fault. Just blame the employee whose trying to get the job dumb. But is it the employee's fault?

I remember a bunch of university students information (ssn's, grades etc...) was lost by a faculty member who had it on their personal laptop. When asked why the information was on a personal puter, the faculty replied they needed to analyse the information using company provided macro's, however the security on the company provided machine would not let the company provided macro run. She showed where she opened ticket after ticket to IT with no resolution. Her boss gave her a deadline so she did what she felt she had to do to get the job done.

I know how she felt, we have two internal websites, one has to have Java active to run. The other has to have java disabled. Because of our security, we have to open a ticket each time the setting needs to be changed. Imagine telling an out of service, escalating customer we'll make the changes to fix their account as soon as IT turns my java back on/off. Oh, and our IT is closed on nights and weekends so we must page the on call tech. I also had to get an exception to make a company provided application work.

I agree with IT security not accomodating personal software or external websites/applications but I feel it is obligated to make sure all company aplications will work. Rather it's from you part of IT or not.


All times are GMT -5. The time now is 09:51 PM.

Powered by vBulletin® Version 3.6.12
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.