This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 98%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAE%3C/text%3E%3C/svg%3E)
Hello,
I applied a MAM policy to encrypt organizational data with Microsoft apps on both Android and iOS devices.
I tested this policy on an Android device by saving an attachment (an Excel sheet) from Outlook to internal storage and attempting to open it. The file failed to open as expected. I then transferred the file to a laptop, where it opened but contained symbols, indicating that the encryption was effective.
However, I performed the same test on an iOS device and noticed that I could open and read the file from the iOS internal storage.
Please note that the encryption prompt appeared on iOS which indicates that the policy was applied.
How can I resolve this issue?
Thanks,
Alaa Elrayes
Policy settings
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 30%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
@A.Elrayes, Thanks for posting in Q&A. Based on my understanding, this is by design. For "Encrypt Org data" on Android device, content on the device storage is always encrypted and can only be opened by apps that support Intune's app protection policies and have policy assigned.
https://learn.microsoft.com/en-us/mem/intune/apps/app-protection-policy-settings-android#encryption
For the setting on iOS device, Intune enforces iOS/iPadOS device-level encryption to protect app data.
https://learn.microsoft.com/en-us/mem/intune/apps/app-protection-policy-settings-ios#encryption
Therefore, we get the different behavior on the different platform.
Hope the above information can help.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Thanks for your reply. I saw both documents before and Istill see the description is not clear specially for IOS. As Imentioned, when I open the attacment in outlook, it opens. However, when I save it localy, I couldn't open it even with MS office for mobile apps and it seems to be opened by MS office desktop apps but the content encrypted. However, IOS, I could open the file even after saveing it locally.
@A.Elrayes, For the MS office app, is it the outlook app. If not, please confirm if it is under the protected app list in the following link. If yes, then check if the app is added into the app protection policy.
https://learn.microsoft.com/en-us/mem/intune/apps/apps-supported-intune-apps
@Crystal-MSFT Yes, it is MS Outlook App.
@A.Elrayes, Thanks for the reply. If so, that seems strange. could you type about:intunehelp. in Edge to double confirm if this app has applied app protection policy successfully.
@A.Elrayes, Thanks for confirming. From the information you provided, I notice the device is with app protection applied successfully. But when we save the file on local storage, the file is unable to open in outlook. Here, I suggest open case to do deep investigation on it.
https://learn.microsoft.com/en-us/mem/get-support
Thanks for your understanding.
Crystal-MSFT
There is misunderstand, my case is a normal behavior occurs while applying encryption on android devices as a result, unable to open the outlook attachment after saving it on the local storage due to the encryption. On the other hand, this result not happened in IOS device, I could open the file after saving it to the local storage.
I think it is related to Apple protection policies. As I noticed that the encryption takes place on IOS devices while the device is locked as per the document description.
@A.Elrayes, Thanks for correcting my misunderstanding. Yes, I also agree with you. the encryption takes place on IOS devices level which cause the different behavior with Android.
Any ideas ?
@A.Elrayes, For the MS office app, is it the outlook app. If not, please confirm if it is under the protected app list in the following link. If yes, then check if the app is added into the app protection policy.
https://learn.microsoft.com/en-us/mem/intune/apps/apps-supported-intune-apps