Enabling Data Leakage Prevention (DLP) with BlackBerry Dynamics SDK

Data Loss Prevention (DLP) policies are crucial to ensure an Enterprise’s sensitive information is accessible only to authorized users and application and cannot be shared with unknown entities.

This Knowledge Base article shows you how to enable the DLP settings in BlackBerry UEM/Good Control and enable BoostEMM capabilities on Appdome.

We hope you find it useful and enjoy using Appdome!

Enable Data Leak Prevention policies in BlackBerry Dynamics

Appdome is a no-code mobile integration platform as a service (iPaaS), supporting a wide variety of implementations for Android and iOS apps.

Appdome allows anyone to easily integrate Any app with the BlackBerry EMM SDK adhere to the BlackBerry Dynamics BlackBerry Data Leakage Prevention (DLP) settings configured in BlackBerry UEM or Good Control.  DLP settings found in a BlackBerry Dynamics profile control copy/paste and open-in/with capabilities of Fused apps. BlackBerry DLP must also be turned on to enable app lockdown features available with BoostEMM by Appdome including:

  • Connect Secure Browser: Lockdown web links in-app open to only open in BlackBerry Access Secure Browser
  • Connect Secure Email: Lockdown email links in the app to only open in BlackBerry Work Secure Email
  • Secure Document Sharing: Lockdown documents that can be shared from the app to BlackBerry Work Secure Email

Enable DLP settings in the BlackBerry UEM Console

DLP settings are used to control copy and paste to and from native or Fused BlackBerry dynamics apps, as well as control open-in or open-with apps. DLP settings are also required to enable the Appdome BoostEMM features: Connect Secure Browser, Connect Secure Email, and Secure Document Sharing.

  1. Login to BlackBerry and click Policies and Profiles
  2. Expand BlackBerry Dynamics, and Select the BlackBerry Dynamics profile assigned to the user group, user, or Fused app
  3. Check the box next to [x] “Do not allow copying data from BlackBerry Dynamics apps into non-BlackBerry Dynamic apps.”
    • It’s very important to have this enabled when you’re building an app with the BlackBerry SDK and you’d like to open an uploaded media file in your app.
      • Whenever you can’t open uploaded media files in your app or add new media files in your app be sure to check the box “Do not allow copying data from BlackBerry Dynamics apps into non-BlackBerry Dynamics apps.”  
  4. Optionally check the box next to [x] “Do not allow copying data from non-BlackBerry Dynamics apps into BlackBerry Dynamic apps.”


Enable DLP settings in the BlackBerry Good Control

DLP settings are used to control copy and paste to and from native or Fused BlackBerry dynamics apps, as well as control open-in or open-with apps. DLP settings are also required to enable the Appdome BoostEMM features: Connect Secure Browser, Connect Secure Email, and Secure Document Sharing.

  1. Login to BlackBerry Good Control and click Policy Sets
  2. Expand the Policy you will assign to the Fused app
  3. Select the BlackBerry Dynamics policy assigned to the user group, user, or Fused app
  4. Expand Security Policies
  5. Under Data Leakage Prevention Check the box next to [x] “Prevent copy from GD apps into non-GD apps.”
  6. Optionally check the box next to: BoostEMM by Appdome

Force opening Email Links, Web Links and Documents with Secure apps:

The following instruction will guide you on how to complete your DLP BlackBerry Good Policy by allowing only Blackberry web browser/email client/document viewer to open links and documents from your secure app.

After completing this, we will guide you on how to fuse your app accordingly.

Configuring Secure Browser Lockdown on Blackberry Policy:

  1. Log in to your BlackBerry environment and select the Apps tab
  2. Select BlackBerry Access
  3. Click the App Configuration Policy

4. Make sure to have the checkbox next to “Allow external apps to open HTTP/HTTPS URLs through BlackBerry Access” turned on:

Configuring Secure Email client Lockdown on Blackberry Policy:

  1. Edit the app configuration for BlackBerry Work.
  2. Log in to your BlackBerry environment and select the Apps tab
  3. Select BlackBerry Work
  4. Click the App Configuration Policies

5.Click on Interoperability tab

6. Under Allow 3rd Party App to Send Mail make sure have the checkbox next to Enable sending mail from BlackBerry Work via mailto:gmmmailto:/gwmailto:
     Under File Transfer Privileges make sure there is a checkbox next to “Enable exporting to 3rd-party native apps” and have a checkbox next to “Enable Importing from     3rd-party native apps.

7. Enable permissions for importing from 3rd party native apps (for both iOS12 and below and for iOS 13 and Above):

8. Scroll up and open the Sending Attachments tab

9. Verify the “Allow sending attachments” box is checked with the maximum size:

 

Fusing your App to open web and email links and protected files with secure Clients using BoostEMM

In order to fuse your app to only open links using secure browsers and web clients, appdome offers BoostEMM.

To zoom out on this topic, visit  Appdome for Enterprise Mobility on our website.

For more information on Appdome for BlackBerry Dynamics please visit this resource

Thanks for visiting Appdome! Our mission is to make mobile integration easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.  

Paul Levasseur

Have a question?

Ask an expert