Enforcing secure messaging using classifications
You can use message classifications to require S/MIME-enabled users or PGP® enabled users to sign, encrypt, or sign and encrypt email messages that they send from the BlackBerry® devices.
You use the Message Classification IT policy rule to configure one or more message classifications that users can apply to email messages. The message classification that the users select when they compose email messages determines the type of S/MIME message protection or PGP message protection that applies to the email messages.
If a user does not select a message classification, by default, the BlackBerry device applies the first classification in the message classification list on the BlackBerry device. You can change the order that the BlackBerry device lists the classifications in.
The message protection options on the BlackBerry device are limited to the types of encryption and digitial signing that the highly secure messaging packages on the BlackBerry device permit. When a user applies a message classification to an email message on a BlackBerry device, the user must select one type of message protection that the message classification permits, or accept the default type of message protection. If a user selects a message classification that requires signing, encryption, or signing and encryption of the email message, and the user did not install a highly secure messaging package on the BlackBerry device, the user cannot send the email message.
Create a message classification
- In the BlackBerry® Administration Service, on the BlackBerry solution management menu, expand Policy.
- Click Manage IT policies.
- In the list of IT policies, click an IT policy.
- Click Edit IT policy.
- On the Security tab, at the bottom of the screen, in the Message Classification Display Name field, type a display name that you want to appear in the Classifications list on BlackBerry devices.
- Type a subject suffix that you want to append to the message subject in parentheses . For example, type the subject suffix (U) for a classification that is named Unclassified.
- In the Minimum Actions drop-down list, click an action that a BlackBerry device user can perform to encode the message. For example, to permit users to select all of the encoding types for the secure messaging packages that they install on their BlackBerry devices, click Signed.
- Click the Add icon.
- Click Save all.
Create a message classification based on an existing message classification
- In the BlackBerry® Administration Service, on the BlackBerry solution management menu, expand Policy.
- Click Manage IT policies.
- In the list of IT policies, click an IT policy.
- Click Edit IT policy.
- On the Security tab, at the bottom of the screen, click the Copy icon beside the message classification that you want to copy.
- In the Message classification display name field, type a name for the message classification that you copied.
- If necessary, change the subject suffix that you want to append, in parentheses, to the email message subject.
- If necessary, click the minimum action for encoding the email message in the Minimum Actions drop-down list.
- Click the Add icon.
- Click Save all.
Order message classifications
- In the BlackBerry® Administration Service, on the BlackBerry solution management menu, expand Policy.
- Click Manage IT policies.
- In the list of IT policies, click an IT policy.
- Click Edit IT policy.
- On the Security tab, at the bottom of the screen, click the Up or Down arrow icon beside the message classification that you want to move to prioritize the message classification.
- Click Save all.
Delete a message classification
- In the BlackBerry® Administration Service, on the BlackBerry solution management menu, expand Policy.
- Click Manage IT policies.
- In the list of IT policies, click an IT policy.
- Click Edit IT policy.
- On the Security tab, at the bottom of the screen, click the Delete icon beside the message classification.
- Click Save all.