Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry Persona
  3. BlackBerry Persona Administration Guide
  4. Steps to configure and use BlackBerry Persona
  5. Create a BlackBerry Persona policy

Create a
BlackBerry Persona
 policy

You create a
BlackBerry Persona
 policy to define which risk engines you want
Persona
 to use to determine user risk levels and the actions that the service should take for different types and levels of risk. How you configure the policy determines how
Persona
 enforces adaptive security standards that are appropriate for each user’s current activity and context.
Persona
 offers several actions for the different types and levels of risk, from enforcing UEM group assignments to temporarily blocking
BlackBerry Dynamics
 apps. For more information about how
Persona
 resolves conflicting assignments, see Resolving conflicting assignments and precedence rules.
  1. In the
    BlackBerry Persona Analytics Portal
    , on the menu bar, click
    Policies
    .
  2. Click Add icon.
  3. Type a name and description for the policy.
  4. If you don't want
    Persona
     to take action for identity risk levels, turn off
    Behavioral pattern risk
     and
    App anomaly risk
     and skip to step 7.
  5. To configure an action for a behavioral pattern or app anomaly risk, click Add icon next to the risk level and do any of the following:
    • Click
      Assign to UEM group
      . Select a group from the list.
    • Click
      BlackBerry Dynamics apps action
       and do one of the following:
      • Click
        Assign BlackBerry Dynamics override profile
        . Select a profile from the list.
      • Click
        Block all BlackBerry Dynamics apps
        .
      • Click
        Block the BlackBerry Dynamics app that initiated the request
        .
    The Block all
    BlackBerry Dynamics
     apps and Block the
    BlackBerry Dynamics
     app that initiated the action are available for the Critical and High risk levels only.
  6. To allow users to reduce their behavioral risk level to low by completing a
    BlackBerry 2FA
     authentication prompt, do the following:
    1. In the
      Identity risk
       section, click
      Automatic risk reduction
      .
    2. In the drop-down list, click the risk levels that will allow automatic risk reduction.
    3. Click
      Apply
      .
    If a user successfully authenticates to access a
    BlackBerry Dynamics
     app, the user cannot be prompted for another authentication (for example, a continuous authentication prompt or automatic risk reduction prompt) for a grace period of at least 5 minutes.
  7. Choose one of the following methods to manage geozone risk levels and actions:
    Method
    Steps
    • Use learned geozones
    • Do not use defined geozones
    1. Verify that
      Learned geozone risk
       is turned on.
    2. Turn off
      Defined geozone risk
      .
    3. To configure an action for a learned geozone risk level, click Add icon next to a risk level and do any of the following:
      • Click
        Assign to UEM group
        . Select a group from the list.
      • Click
        BlackBerry Dynamics apps action
        and do one of the following:
        • Click
          Assign BlackBerry Dynamics override profile
          . Select a profile from the list.
        • In the high risk level, click
          Block all BlackBerry Dynamics apps
          .
        • In the high risk level, click
          Block the BlackBerry Dynamics app that initiated the request
          .
    • Use learned geozones
    • Use defined geozones
    • Optional: Take special actions for certain defined geozones
    1. Verify that
      Learned geozone risk
       and
      Defined geozone risk
       are turned on.
    2. To configure the default risk actions for both learned and defined geozones, click Add icon next to a risk level and do any of the following:
      • Click
        Assign to UEM group
        . Select a group from the list.
      • Click
        BlackBerry Dynamics apps action
        and do one of the following:
        • Click
          Assign BlackBerry Dynamics override profile
          . Select a profile from the list.
        • For defined geozones, click
          Block all BlackBerry Dynamics apps
          .
        • For defined geozones, click
          Block the BlackBerry Dynamics app that initiated the request
          .
    3. If you want to take special actions for a certain defined geozone, click Add icon in the top-right corner of the table and click the geozone. Click Add icon for the defined geozone and select the desired actions.
    • Do not use learned geozones
    • Use defined geozones
    • Optional: Take special actions for certain defined geozones
    • Optional: Take special actions for users that are not in defined geozones
    1. Turn off
      Learned geozone risk
      .
    2. Verify that
      Defined geozone risk
       is turned on.
    3. To configure an action for all defined geozones set to a certain risk level, click Add icon next to the risk level and do any of the following:
      • Click
        Assign to UEM group
        . Select a group from the list.
      • Click
        BlackBerry Dynamics apps action
        and do one of the following:
        • Click
          Assign BlackBerry Dynamics override profile
          . Select a profile from the list.
        • Click
          Block all BlackBerry Dynamics apps
          .
        • Click
          Block the BlackBerry Dynamics app that initiated the request
          .
    4. If you want to take special actions for a certain defined geozone, click Add icon in the top-right corner of the table and click the geozone. Click Add icon for the defined geozone and select the desired actions.
    5. If you want to take special actions for users that are not in defined geozones, in the top-right corner of the table, click Add icon
      > Undefined geozone
      . Click Add icon for the undefined geozone and select the desired actions.
    • Do not use learned or defined geozones
    Turn off
    Defined geozone risk
     and
    Learned geozone risk
    .
  8. Click
    Save
    .