Enforcing secure messaging using
classifications
You can use message classifications to require S/MIME-enabled users or PGP enabled users to sign, encrypt, or sign and
encrypt email messages that they send from the BlackBerry devices.
You use the Message Classification IT policy rule to configure one or more message classifications that users can apply to
email messages. The message classification that the users select when they compose email messages determines the type
of S/MIME message protection or PGP message protection that applies to the email messages.
If a user does not select a message classification, by default, the BlackBerry device applies the first classification in the
message classification list on the BlackBerry device. You can change the order that the BlackBerry device lists the
classifications in.
The message protection options on the BlackBerry device are limited to the types of encryption and digitial signing that the
highly secure messaging packages on the BlackBerry device permit. When a user applies a message classification to an
email message on a BlackBerry device, the user must select one type of message protection that the message
classification permits, or accept the default type of message protection. If a user selects a message classification that
requires signing, encryption, or signing and encryption of the email message, and the user did not install a highly secure
messaging package on the BlackBerry device, the user cannot send the email message.
Create a message classification
1.
In the BlackBerry Administration Service, on the
BlackBerry solution management
menu, expand
Policy
.
2.
Click
Manage IT policies
.
3.
In the list of IT policies, click an IT policy.
4.
Click
Edit IT policy
.
5.
On the
Security
tab, at the bottom of the screen, in the
Message Classification Display Name
field, type a display
name that you want to appear in the Classifications list on BlackBerry devices.
6.
Type a subject suffix that you want to append to the message subject in parentheses . For example, type the subject
suffix (U) for a classification that is named Unclassified.
7.
In the
Minimum Actions
drop-down list, click an action that a BlackBerry device user can perform to encode the
message. For example, to permit users to select all of the encoding types for the secure messaging packages that
they install on their BlackBerry devices, click
Signed
.
8.
Click the
Add
icon.
9.
Click
Save all
.
Administration Guide
Configuring security options
65