Citrix Endpoint Management

Storage encryption device policy

You create storage encryption device policies in Endpoint Management to encrypt internal and external storage, and, depending on the device, to prevent users from using a storage card on their devices.

You can create policies for Samsung SAFE, Windows Phone, and Android Sony devices. Each platform requires a different set of values, which are described in detail in this article.

To add or configure this policy, go to Configure > Device Policies. For more information, see Device policies.

Prerequisites

For Samsung SAFE devices, make sure the following requirements are met before you configure this policy:

  • Set the Screen Lock option on user devices.
  • Plug in users devices and charge them to at least 80%.
  • Make sure that the devices require a password containing both numbers and letters or symbols.

Samsung SAFE settings

  • Encrypt internal storage: Select whether to encrypt internal storage on users’ devices. Internal storage includes device memory and internal storage. The default is On.
  • Encrypt external storage: Select whether to encrypt external storage on users’ devices. The default is On.

Windows Phone settings

  • Require device encryption: Select whether to encrypt users’ devices. The default is Off.
  • Disable storage card: Select whether to prevent users from using a storage card on their devices. The default is Off.

Android Sony settings

  • Encrypt external storage: Select whether to encrypt external storage on users’ devices. The device must require a password containing both numbers and letters or symbols. The default is On.

Storage encryption device policy