Thread Info
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Enforcing Android Encryption.

RichKCE

Hey all, I've been beating my head against my desk trying to figure out how to get Sophos MDM to enforce android phone encryption. The only configurations I have available to me is: Password Policies, Restrictions, App Protection, App Control, Exchange ActiveSync, Wi-Fi, VPN, Root Certificates, Client Certificate. None of which from what I can tell enforce device encryption. I'm running Sophos MDM v 4.0.3.3 

Any and all help is much appreciated!

:57481


This thread was automatically locked due to age.
  • 0

    Hi RichKCE,

    with SMC 4.0 the Android Encryption is a bit tricky to find. With SMC 5.0 it is part of the "Restrictions" profile.

    But with SMC 4, you have to follow at first these steps:

    1. Log on to the SMC web console

    2. Go to "Settings | General"

    3. Within the "Personal" tab enable "Enable command bundles (expert mode)"

    4. Save the changes

    5. A new section "Command bundles" appears on the left hand side

    6. In there, create a new bundles with the "androidSetStorageEncryption" command

    7. Deploy that bundle to your device(s)

    Hope this helps.


    Best regards
    Stefan

    :57583
    • 0

      Thanks so much, shortly after posting I figured out where the compliance policy had the encryption compliance portion saying if not encrypted disallow mail and notify admin. So I went that route for now unless we have issues with non compliance then I will pursue the steps you provided!

      :57584
      • 0

        Hi RichKCE,

        alright, but please be aware, that the compliance rules do not configure anything on the devices.

        Users will just get a notification that their devices are non-compliant with the reason, that the device is not encrypted.

        Afterwards, they would have to manually enable the encryption for the deivce and I am not sure, if all users know how to do that ;-)

        Best regards

        Stefan

        :57588
        Unfiltered HTML