Symbian S60 Security Settings Policy

Top  Previous  Next

This section only applies to Symbian Series 60 3rd edition devices that are using the mSuite mNotes client.


Please be sure to read the Notes relating to mail encryption on Symbian S60 devices below.


Editing an existing policy

You can edit an existing policy by expanding the navigation tree, under the node Policies, select Security Settings.  The action pane will display all of the security policies that are defined.  By default there is a single policy Default Security Policy.  Right mouse click the name of the policy that you want to modify in the action pane and then select Configuration Wizard...


Creating a new policy

To create a new policy, expand Policies and select Security Settings in the navigation tree then right mouse click an existing policy in action pane.  Select All Tasks > Copy settings to new policy... then enter the Name of the new policy and click OK.  The new policy is created as a clone of the existing policy - to change the settings in the new policy, follow the instructions for Editing an existing policy above.


Defining the Policy

In either case, the Policy Management Wizard will run to allow you to define the policy.

1.Press Next on the Welcome screen and again on the Policy Name screen.
2.Optionally configure the Windows Mobile Policy Settings then click Next.
3.On the Symbian S60 Policy Settings page of the wizard, set up the required policy elements.  To lock an element, right mouse on the node in the Security Policy window.  The icon in the tree will change to reflect the lock status:
4.Select Lock Code Policy to set/change any of the following:
a)Max Auto Lock Period - the maximum auto lock period (in minutes) that the user is allowed to select (see Auto Lock Period below).
b)Auto Lock Period - the number of minutes after which the device will auto lock.
c)Lock Code Min Length - the minimum required length for the lock code.
d)Lock Code Max Length - the maximum allowed length for the lock code.
e)Require Upper and Lower - whether or not the lock code is required to contain both upper and lower case characters.
f)Require Chars and Number - whether or not the lock code is required to contain both characters and numbers.
g)Max Repeated Characters - The maximum number of times any single character can be used in the lock code.  0 = no restriction, 1-4 = single character cannot be used more times than this.
h)Lock Code History - A new lock code is not allowed to be the same as this number of previous lock codes.
i)Lock Code Expiry (days) - Number of days before the lock code will expire and the user will be forced to change it.  0 = no restriction, 1-365 = days before expiry.
j)Wipe After Auth Failure Attempts - The number of failed attempts to enter the lock code before the device is wiped i.e. 'hard' reset.  3-20 = number of   consecutive lock code failures allowed.
k)Allow Consecutive Numbers - Whether or not the lock code is allowed to contain two adjacent numbers i.e. any one number directly following any other number.  If set to 'No', then a code like 'a12bd' would not be allowed; nor would 13579.  'a1b2c3' would be OK because no two numbers are next to one another.
5.Select Mail Encryption and set Active it to Yes to enable encryption of mail messages and attachments.
6.Once the policy is configured, click Next.
7.Click Finish to complete the wizard.



Notes relating to mail encryption on Symbian S60 devices:


Only Nokia "E" series Symbian S60 3rd Edition devices are supported.  When the policy is applied on the device, the user will be prompted to enter a 'fingerprint' to allow the device manager to take control of their device.
The required fingerprint is:  b6fd   It is not case sensitive.
Symbian Series 60 3rd Edition 'Feature Pack 2' devices and Series 60 5th Edition devices are not currently supported.  These devices will normally have their own built-in encryption capabilities.

Deploying the Policy to a Group of Users or an Individual User

To deploy a new Security Settings policy or change the currently deployed policy, expand the Administration node in the navigation tree, expand Users and Groups until you can see the user or group that you want to apply the policy to.


Deploying to a Group

1.In the navigation tree, right mouse click the group that you want to deploy to and then select Properties.
2.Select the Policies tab and select the policy from the drop down list.
3.Click Apply then click OK.

Users in the group will receive the new/changed policy next time their device performs a device management session - by default, this is once a day.


Deploying to a User

1.In the action pane, right mouse click the user that you want to deploy the policy to and the select Properties.
2.Check Show Advanced to display the advanced properties - this is sticky, once you have checked this it will remain checked until you choose to hide the advanced properties again.
3.Select the Policies tab and select the policy from the drop down list.
4.Click Apply then click OK.


Page url: