Encrypt device and external memory card

[Gary02468]

Encryption also enforces the password on the lock screen. Looking at my settings it looks like the longest I can set the screen timeout for locking is 30 minutes.

Thanks, that's good to know. So even with device encryption, you're able to set a delay before the lock-screen password is required.

It's interesting that your Note 2's delay options only go up to 30 minutes instead of 60 minutes. That's with the stock version of Android, or something customized? International or US Note 2? And do you happen to know if you had the one-hour option before you enabled device encryption?

 

[bigguy_132]

Interesting it does enforce it. I stand corrected. I didn't think it enforced it as well. However, my time out is a Max of 14 minutes. The one thing I did not have to do however was use a complex password. I have a PIN setup for my encryption no letters, special characters anything. Just digits. The same with my lock screen password. Just a PIN setup.

 

[Bobman]

Thanks, that's good to know. So even with device encryption, you're able to set a delay before the lock-screen password is required.

It's interesting that your Note 2's delay options only go up to 30 minutes instead of 60 minutes. That's with the stock version of Android, or something customized? International or US Note 2? And do you happen to know if you had the one-hour option before you enabled device encryption?

Yes, even with encryption you can set a delay. I have a stock Verizon Note 2. I don't know if it was one hour before encryption. It very well could have restricted it to 30 minutes after enabling encryption, but I don't know if that is the case.

 

[Bobman]

Interesting it does enforce it. I stand corrected. I didn't think it enforced it as well. However, my time out is a Max of 14 minutes. The one thing I did not have to do however was use a complex password. I have a PIN setup for my encryption no letters, special characters anything. Just digits. The same with my lock screen password. Just a PIN setup.

That is very interesting that you can use a PIN. When I enabled encryption, it was very clear that I had to use the complex password. And for the timeout length, do you also have a Corporate Sync policy? Weird that yours cuts it even shorter. A Corporate Sync policy could maybe be limiting it further.

 

[bigguy_132]

That is very interesting that you can use a PIN. When I enabled encryption, it was very clear that I had to use the complex password. And for the timeout length, do you also have a Corporate Sync policy? Weird that yours cuts it even shorter. A Corporate Sync policy could maybe be limiting it further.

I do have a Corporate Sync account. I have a feeling that it is being enforced by the company. I was surprised when I hooked it up my corporate policy required that I have encryption on my SD card and phone both. I am curious to see what other people have experienced, not sure how I got away using a PIN.

 

[Bobman]

I do have a Corporate Sync account. I have a feeling that it is being enforced by the company. I was surprised when I hooked it up my corporate policy required that I have encryption on my SD card and phone both. I am curious to see what other people have experienced, not sure how I got away using a PIN.

Ok, so that probably explains your shorter timeout length. Exchange server admins can enforce the encryption and that setting on their end when you add active sync account. I wonder if for some reason they can modify the setting to allow you to only need a PIN also.

 

[bigguy_132]

Ok, so that probably explains your shorter timeout length. Exchange server admins can enforce the encryption and that setting on their end when you add active sync account. I wonder if for some reason they can modify the setting to allow you to only need a PIN also.

I believe they can. If I remember right I had the choice of PIN, Password, and one more I just can't remember which.

 

[csb365]

My question is about data once you encrypt your device and SD card -- is everything you add later also encrypted?
From reading the posts, I would assume so -- but can someone explain how or why it works? Is the encryption not specific to the data but a feature of the OS?
Clearly I don't get it -- I need some kind of mental model for how encryption relates to your data. Is is layer that is applied to all data, like a cover or case for the data?

 

[Bobman]

Yes, it is applied to all data. I believe it is hardware encryption or similar concept. It doesn't encrypt individual files to protect them say if you email them or send them somewhere, but if someone gets a hold of your phone all data is encrypted on it. So they can't access any info on it without unlocking it either by the password at the lock screen or the boot up password.


Edit: and to be super clear, yes, future data added is covered too. So, yeah, it is at the OS or hardware level. Whatever level it is at technically is underneath the individual file so you don't have to worry about it.

 

[csb365]

Here are my assumptions about how your work information data is kept private over cell waves, from the cell providers who collect subscriber info, and if your cell was ever lost: the device and SD or other memory devices are encrypted (protection if phone fails into wrong hands), and the communication connections are over a work virtual private network created by your company (in and outgoing communications are private, as well as private from the carrier's perspective.)

Here are my questions:
1. Is my summary accurate?

2. Are there any holes? Any way for a trojan, spyware, malware to get in? - I assume I have to use good judgment, i.e. no 3rd party apps that I don't have to have as well as trust, click or open no links or files from unknown sources on the phone as malware for phones is essentially non-existent.,
and has to be run on the data after transfer to a server??

3. Does encryption protect against spyware and malware? If so, in what way?

Thank you and anyone who responds for your input!! Much appreciated.


I am libertarian in that I don't care to share ANY information with a third party or government.
My cell use is personal only, not work. I am going into a second career of Health Information Management, and personal health information should have the very highest security HIPAA, so I am using the Android (open source, open everything!!) phone as practice on how to lock down private data - and I get to the use technology but stymy.

 

[Bobman]

Here are my assumptions about how your work information data is kept private over cell waves, from the cell providers who collect subscriber info, and if your cell was ever lost: the device and SD or other memory devices are encrypted (protection if phone fails into wrong hands), and the communication connections are over a work virtual private network created by your company (in and outgoing communications are private, as well as private from the carrier's perspective.)

Here are my questions:
1. Is my summary accurate?

2. Are there any holes? Any way for a trojan, spyware, malware to get in? - I assume I have to use good judgment, i.e. no 3rd party apps that I don't have to have as well as trust, click or open no links or files from unknown sources on the phone as malware for phones is essentially non-existent.,
and has to be run on the data after transfer to a server??

3. Does encryption protect against spyware and malware? If so, in what way?

Thank you and anyone who responds for your input!! Much appreciated.


I am libertarian in that I don't care to share ANY information with a third party or government.
My cell use is personal only, not work. I am going into a second career of Health Information Management, and personal health information should have the very highest security HIPAA, so I am using the Android (open source, open everything!!) phone as practice on how to lock down private data - and I get to the use technology but stymy.

1. Your summary sounds correct given that you have a working VPN connection. And are we just talking email or Web browsing? Text messages and some other info will obviously still be visible to your cell provider. And apps can still collect and send information out. VPN would just prevent packet sniffing.

2. I'm not an Android security expert, but this seems fairly safe. Like you said pay attention to 3rd party apps. See what permissions they ask for and if they are a trustworthy company. You may also install Lookout Security to scan apps you install. I also use Prey for remote wipe and tracking ability. Prey can even activate your front camera to photograph the thief. You'll just have to be the judge on whether or not you trust Prey. I do, but I'm always cautious about keeping sensitive info on my phone.

3. No, encryption won't have any affect on preventing malware.

4. (I know you didn't have a 4). I also use Tasker to encrypt certain files and directories on my SD card. This is different from the hardware encryption built into the OS. This requires me to decrypt the file with a pass phrase whenever I want access. This prevents people and other apps from reading those files.

I hope this helps. I don't know all the details with HIPPA compliance though. My last company was a CPA firm that had to abide by HIPPA among others, but I don't think their cell phone policy was in full compliance.

Besides VPN, you may also look into sending encrypted email, but I don't know how security certificates work on Android.

 

[Anoop Vj]

Hi,
I'm using a Galaxy Note 2 with a 32 gb micro SD card which was encrypted using an 8 digit alpha numeric password, i had to rest the phone to factory settings and did not decrypt the card, i tried to use the same Memory card on my phone and it does not give a preview of the files that are on the card, i could successfully re encrypt the card with the same password but that did not solve the problem. I'm able to save new files to the card (which is encrypted again using the old password) but the old files does not give a preview, i tried to access it using PC and files get copied but says that it cannot be opened.

How can this be fixed!

 

[Casey Cheung]

Hi,
I'm using a Galaxy Note 2 with a 32 gb micro SD card which was encrypted using an 8 digit alpha numeric password, i had to rest the phone to factory settings and did not decrypt the card, i tried to use the same Memory card on my phone and it does not give a preview of the files that are on the card, i could successfully re encrypt the card with the same password but that did not solve the problem. I'm able to save new files to the card (which is encrypted again using the old password) but the old files does not give a preview, i tried to access it using PC and files get copied but says that it cannot be opened.

How can this be fixed!

You should have un-encrypted your external memory card first. You obviously know that now. Are you able to un-encrypt now, or not? I haven't had your same experience yet, so I can't comment. Both my phone and card are encrypted, and I have the hassle of entering a long 8 character password to unlock the phone. If I were to ever not use this phone again in the future, I hope I can remember to first un-encrypt the memory card. Easier said than done, I suppose. Actually, in my case, when I insert my encrypted memory card into a laptop, the laptop is able to view the file names, but I cannot actually open the files. Do you have the same experience, or do you not even see the file names?

 

[Bobman]

Hi,
I'm using a Galaxy Note 2 with a 32 gb micro SD card which was encrypted using an 8 digit alpha numeric password, i had to rest the phone to factory settings and did not decrypt the card, i tried to use the same Memory card on my phone and it does not give a preview of the files that are on the card, i could successfully re encrypt the card with the same password but that did not solve the problem. I'm able to save new files to the card (which is encrypted again using the old password) but the old files does not give a preview, i tried to access it using PC and files get copied but says that it cannot be opened.

How can this be fixed!

So you forgot to decrypt, you reset your phone, then you encrypted the SD card again? If that is the case, I imagine your original data is unsalvagable. It seems like in an ideal world your phone should have known your sd card was encrypted to begin with and not asked you to encrypt again.

Hope you can figure it out somehow. Otherwise, I at least thank you for sharing this valuable lesson with us.

 

[Anoop Vj]

I am able to encrypt and decrypt the card now.. only issue is Old data cannot be read.. it's on the card but does not give a preview and issue is only with Image and Videos files.. mp3 files are working absolutely fine , I'm still using the same card and new files saved to the system are encrypted again!

 

[Robert Brooker]

I studiply left my Doid Bionic in reach of my 2 & 3 year old niece and nephew while my brother and I played tennis, weeks ago. One of them somehow caused my phone to reset to factory default. I tried accessing my memory card, after re-installing all my apps, to no avail. I get a the following messages each time: "SD Card Password Protection - SD card has been secured by another device and cannot be accessed unless formatted." and "Failed to verify SD card security settings. Encryped content is not accessible." Can anyone help me access my card again...:'(please?

 

[Bobman]

I studiply left my Doid Bionic in reach of my 2 & 3 year old niece and nephew while my brother and I played tennis, weeks ago. One of them somehow caused my phone to reset to factory default. I tried accessing my memory card, after re-installing all my apps, to no avail. I get a the following messages each time: "SD Card Password Protection - SD card has been secured by another device and cannot be accessed unless formatted." and "Failed to verify SD card security settings. Encryped content is not accessible." Can anyone help me access my card again...:'(please?

Wish I could. I've got nothing on this.

Posted via Android Central App

 

[JNM]

I studiply left my Doid Bionic in reach of my 2 & 3 year old niece and nephew while my brother and I played tennis, weeks ago. One of them somehow caused my phone to reset to factory default. I tried accessing my memory card, after re-installing all my apps, to no avail. I get a the following messages each time: "SD Card Password Protection - SD card has been secured by another device and cannot be accessed unless formatted." and "Failed to verify SD card security settings. Encryped content is not accessible." Can anyone help me access my card again...:'(please?

From the reading I have done, the encryption keys appear to be stored within the device's internal storage, which would be wiped update factory reset. Thus, the encryption keys are gone and your card cannot be decrypted without them. That is exactly the idea because if you could do so without the key anyone else could as well. Basically, that information is gone unless you are really, really, good.

I find it interesting, and maybe bothersome, that those not connected to an Exchange server with Administrative privileges or the ability to direct someone to change the security policies cannot set a PIN instead of a more complex and cumbersome password. When I first thought of trying the encryption on my Note 2 I would have needed to use the longer password. However, upon going to my Exchange server settings and changing the policy to allow a specific PIN type as well as passwords, setting a period to require password changes, and more I have my phone encrypted and use a four digit PIN most of the time. I can change to a password and back as I see fit.

(please forgive mistakes...typing from the phone)

 

[MaPar]

Hello,

I have a similar situation. My 5 y/o kid was looking pictures on the phone (yes I know, I know), all the sudden I heard the phone turning off, so I asked to have the phone back, as I didn't want the pin blocked. So I turned it back on, entered the SIM pin, and got the welcome screen for the first time users! Somehow my profile got erased (although all my files were still in the memory of the phone, just all the apps gone). I didn't encrypted the internal memory of the phone previously, just the SD card, and I can still access everything in the internal memory, but on the SD card all the files are encrypted and can't read them. Any idea of what to do? I looked at the encryption settings, and I noticed I'm unable to encrypt the SD card, the option is disabled. I'm using the same code to unlock the phone, but still can't read the encrypted card. However, I also noticed that if I change from pin to a password, it will now allows me to encrypt the SD card, but of course I don't want to do it, cuz the card is already encrypted. Any help would be greatly appreciated!

Thank you very much!

 

[Brian Aw Leong Khiat]

Ok, I know.
You must use NUME


www.nume.ch
wait some brilliant reply.thank you