Device log encryption on Android devices

Log files can be emailed by using the Send Log option in Mobile@Work for Android. You can choose whether the log files are encrypted when they are provided to the email app. The choice affects the log files of the following:

• Mobile@Work for Android
• Secure Apps Manager
• AppConnect-enabled apps (including what the app logs and what the AppConnect wrapper around the app logs)

The security policy for a device contains the option for choosing whether the emailed log files are encrypted. The default setting is to not encrypt the files.

By default, encrypted log files can be decrypted only by MobileIron Technical Support. If you want to encrypt the log files using your own certificate, see Encrypting device logs with your own certificate.

NOTE:

Regardless of the device log encryption setting, the log files never include passwords, certificate content, license information, or other sensitive authentication data.

By encrypting the emailed log files, you improve security because the data is readable only by MobileIron Technical Support when using the default encryption, or by your own enterprise when using your certificate for encryption. Since emailing logs for troubleshooting is a common practice, you typically choose to encrypt the logs.

Procedure 

1. Go to Policies & Configs > Policies.
2. Select the security policy for the appropriate devices.
3. Click Edit.
4. In the Data Encryption section. for Device Log Encryption, select On.
5. Click Save.