Tech Community Live: Endpoint Manager edition
Jul 21 2022, 08:00 AM - 12:00 PM (PDT)

Android Enterprise require encrypt storage or not

%3CLINGO-SUB%20id%3D%22lingo-sub-2579983%22%20slang%3D%22en-US%22%3EAndroid%20Enterprise%20require%20encrypt%20storage%20or%20not%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2579983%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20am%20currently%20testing%20Microsoft%20Defender%20for%20Endpoint%20on%20an%20Android%208.%20This%20device%20is%20enrol%20in%20fully%20managed.%3C%2FP%3E%3CP%3EI%20have%20a%20compliance%20that%20require%20%22%22Encryption%20of%20data%20storage%20on%20device%22.%3C%2FP%3E%3CP%3EBut%20when%20I%20run%20for%20the%20first%20time%20Microsoft%20Defender%20it%20ask%20me%20to%20deactivate%20the%20secure%20launch%20of%20the%20device.%20So%20I%20did%20it.%3C%2FP%3E%3CP%3EBut%20after%20that%20my%20phone%20is%20not%20compliant.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20read%202%20links%20of%20Microsoft.%20This%20one%20%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmem%2Fintune%2Fprotect%2Fcompliance-policy-create-android-for-work%23encryption%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmem%2Fintune%2Fprotect%2Fcompliance-policy-create-android-for-work%23encryption%3C%2FA%3E%3C%2FP%3E%3CP%3EThat%20says%20%3A%20%22%3CSPAN%3EYou%20don't%20have%20to%20configure%20this%20setting%20because%20Android%20Enterprise%20devices%20enforce%20encryption.%22%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EAnd%20this%20one%20%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmem%2Fintune%2Fenrollment%2Fandroid-fully-managed-security-settings%23device-compliance%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmem%2Fintune%2Fenrollment%2Fandroid-fully-managed-security-settings%23device-compliance%3C%2FA%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EThat%20says%20to%20add%20%22Encryption%20of%20data%20storage%20on%20device%22%20at%20Required.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3ESo%20I%20don't%20know%20what%20to%20do.%20Do%20you%20have%20advice%20please%3F%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EAnd%20do%20you%20know%20why%20Microsoft%20Defender%20ask%20to%20deactivate%20the%20pin%20code%20ont%20the%20launch%20of%20the%20device%20please%3F%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2579983%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAndroid%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Eencrypt%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIntune%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Contributor

Hello,

 

I am currently testing Microsoft Defender for Endpoint on an Android 8. This device is enrol in fully managed.

I have a compliance that require ""Encryption of data storage on device".

But when I run for the first time Microsoft Defender it ask me to deactivate the secure launch of the device. So I did it.

But after that my phone is not compliant.

 

I read 2 links of Microsoft. This one : https://docs.microsoft.com/en-us/mem/intune/protect/compliance-policy-create-android-for-work#encryp...

That says : "You don't have to configure this setting because Android Enterprise devices enforce encryption."

 

And this one : https://docs.microsoft.com/en-us/mem/intune/enrollment/android-fully-managed-security-settings#devic...

That says to add "Encryption of data storage on device" at Required.

 

So I don't know what to do. Do you have advice please?

 

And do you know why Microsoft Defender ask to deactivate the pin code ont the launch of the device please?

0 Replies