how does encryption work using Intunes Mobile Access Management (MAM) policy

SAM2023 26 Reputation points
2023-01-11T11:30:57.8166667+00:00

Hi

Just want to understand the concept of encryption using MAM v/s MDM

how does encryption work using Intunes Mobile Access Management (MAM) policy and what is encrypted?

Is the space (Internal memory) on your phone, where the application gets installed encrypted

or

Is there a virtual space created (kind of a folder) while the app is installed from the company portal (containerization technology) which does not encrypt the entire phone but by creating a virtual folder concept and encrypts only that portion where company apps are installed? (e.g. using true crypt)

or

It's only the data inside the application (e.g. Outlook) that's been encrypted using some concept of android SDK etc using some I/O topology, in this case, would it be DES/AES which is used for encrypting data at rest or would it be considered as data in transit (using TLS) Just want the technical documentation link for this on how this actually works.

It's not about MDM but about MAM

Thanks

SAM

Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
5,417 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Lu Dai-MSFT 28,441 Reputation points
    2023-01-12T01:44:54.43+00:00

    @simon selvin Thanks for posting in our Q&A.

    MAM is about app management. We use app protection policy to protect apps. This protection is in app level. For more details, please refer to the following article:

    https://learn.microsoft.com/en-us/mem/intune/apps/app-protection-policy

    For example, if we create an app protection policy (setting like Restrict cut, copy, and paste), add Outlook as a managed app in this policy and deploy this policy to a user group, when we use a user (which is included in this user group) to sign in Outlook, we can't copy data from Outlook to other apps. Outlook is a protected app.

    Hope it will clarify something.


    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.