Clarification on Encrypt Org Data setting in App Protection Policy

Question

Hello, I am currently working on an app protection policy for my organization.

I have tested the policy on a few users and everything seems to be working fine except for the Encrypt Org Data setting.

When I try to save Outlook attachments on my device outside of managed apps, they are encrypted and I cannot open them.

However, when I forward the attachment from my work account to my personal account, I can open the attachment and see the data. I can also save it anywhere I want from my personal email and still be able to open it. Am I missing something or is this not meant to work when forwarding Outlook attachments?

Thank you.

Answer 1

@Ramesh,Thanks for posting in Q&A.

From your description, I know that you encountered an issue that you can forward the attachment from work account to personal account, even you can open the attachment, see the data and save it while the app applied app protection policy.

Based on my research, I find that when you save attachments on managed apps that applied app protection policy, they were encrypted, and you can read them. However, when you send an encrypted attachment via Outlook, Outlook will automatically decrypt the attachment and allow you to send it, read and save it.

Hope this can be helpful.

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.