Data encryption states

A dual-mode app encrypts its data only if all of the following are true:

  • The app is in AppConnect Mode.

  • Secure services are available.

Secure services are available only when the app’s authorization status is authorized.

  • The secure file I/O policy requires secure file I/O.

Therefore, the app maintains a data encryption state. It stores this state persistently, so that when it next launches, it knows how to behave. The possible states are:

  • Unencrypted

    The app does not encrypt its data.

  • Encrypted

    The app encrypts its data.

The following diagram summarizes the state transitions that a dual-mode app implements. See High-level dual-mode app behavior for information about these state transitions.

The state change to Encrypted state depends on three conditions: that the app is managed, that secure services are available, and that the secure file I/O policy requires secure file I/O. Because the order of these notifications can vary, upon receiving any of the notifications, the app checks if all three conditions are true yet.

For an example of checking whether to change to the Encrypted state, see the
DualMode sample app’s method -checkEncryptionState: in Policies.m.

Actions when changing to the Encrypted state

When changing to the Encrypted state, the app starts using secure file I/O APIs for new sensitive data. Also, the app determines what to do with existing unencrypted data.

Consider these options for existing data:

  • Secure existing sensitive data.

    Your app can use the secure file I/O APIs to encrypt existing sensitive data. The dual-mode sample app provides an example of this behavior.

    Ivanti recommends this option for sensitive data. If device users upgrade from a previous version of your app to a new dual-mode version, this option ensures that they do not lose data.

    However, some data can remain unsecured. For example, user display preferences are typically not sensitive information.

  • Remove existing data.

    Your app can remove existing data if doing so does not cause disruption to the app users.

Actions when changing to the Unencrypted state

When changing to the Unencrypted state, the app removes all sensitive data.