[avengerxp]

Lumia 640 - Windows 10 mobile build .107

Windows 10 mobile has device encryption, I have it on and I thought this means even my 16GB SD card is encrypted and only can be accessed when I authorized it via my PIN.

but it notes here : http://www.windowscentral.com/how-enable-device-encryption-windows-10-mobile

that only the built in storage is encrypted and we should not leave any sensitive details on SD memory!

encrypting my SD card and making it unreadable via a card reader is what I expected, is this not possible? or MS is not giving us that? can someone enlighten me on this. Thanks..

[TheChazas]

I think that is because you can take out SD, and most importantly because OS is installed on phones storage. But as far as I heard you can protect SD too.

[avengerxp]

SD card encryption...is it too much to ask??

[Arizona Willie]

Are there not 3rd party encryption apps?

If so, did the makers of those apps give the government a back door?

[pandhersaab27]

Yes there are apps you can use to encrypt sd card but the problem is Windows phone won't support it if it's encrypted by another app.

[avengerxp]

It should be doable right? encrypt my SD card used in phone so that only the pin would unlock the phone and card, If someone stole my phone they will have nothing to get from it...(that being my personal information)

[v_emman]

Originally posted by avengerxp
SD card encryption...is it too much to ask??

It's not. BitLocker can encrypt any drive on your computer, not only the system drive. It's exactly the same on the phone.
Actually, I am impressed that they didn't implement encryption for the SD card too, since this is where it is needed most (internal storage can't be accessed anyway if you don't know the PIN).

[avengerxp]

Thats exactly my point. on PC Bitlocker will encrypt all Drives (even 2 physical drives attached to same PC) so why cant they encrypt the SD card?

[hprvez]

It's not. BitLocker can encrypt any drive on your computer, not only the system drive. It's exactly the same on the phone.

Actually, I am impressed that they didn't implement encryption for the SD card too, since this is where it is needed most (internal storage can't be accessed anyway if you don't know the PIN).

Internal memory can be easily dumped with direct access to the board (example: Jtag) but it's slower than popping out a sd card, it should be implemented in both memories but the sd performances would take a great hit

[BaritoneGuy]

It would have to support the "Bitlocker to go" functionality in order to encrypt a removable drive. Even on the PC it requires Windows Professional or Enterprise for it to work.

[Alain_A]

It should be doable right? encrypt my SD card used in phone so that only the pin would unlock the phone and card, If someone stole my phone they will have nothing to get from it...(that being my personal information)

go with Blackberry as it does both

[avengerxp]

go with Blackberry as it does both

I indeed had a blackberry 9800 sometime back. great phone. But whats your point in asking me go back?

[Alain_A]

I indeed had a blackberry 9800 sometime back. great phone. But whats your point in asking me go back?

because you want your sd card to be encrypted?

[avengerxp]

LOL. I will not argue with you. anyone else has info on this matter?

[TheChazas]

Suggest this to a MS, to include SD encryption too.

[Marco Patrizi]

I know its 1 mth old, but I really do need this feature enabled on my Lumia 950, at work they are using MDM policies as I commented on the MS forum InfoSec wont budge. they said either buy Android or iOS or get Microsoft to enable the feature. fat chance hey....

Will Windows Phone 10 support SD card encryption? - Microsoft Community

[xandros9]

I know its 1 mth old, but I really do need this feature enabled on my Lumia 950, at work they are using MDM policies as I commented on the MS forum InfoSec wont budge. they said either buy Android or iOS or get Microsoft to enable the feature. fat chance hey....

Will Windows Phone 10 support SD card encryption? - Microsoft Community

Surely you can just keep sensitive data on the phone itself? or pare down data usage and nix the card? (since the iPhone doesn't have a card entirely)

[Marco Patrizi]

I asked our InfoSec, gave them scenario if I encrypt the phone keep e-mails there on the phone why cant the policy via MDM be relaxed. They refuse as I could save an e-mail attachment on the SD card (unencrypted) breaching policy.

They then asked why don't I use a 3rd party tool/app to do it.. further research showed this is futile also, as the phone wont recognise it , not will the MobileIron MDM hence back to square one.

Comments at bottom this this article also show it cannot be done via PC either if I tool SD card out & used bitlocker on PC,
How to enable device encryption on a phone with Windows 10 Mobile | Windows Central

[avengerxp]

Hmmm...So the most renowned business class OS doesn't have a key feature it seems. If the PC can encrypt it's hard disks, the mobile should be able to aswel. Going to check this on the feedback hub and post it there... can anyone tweet this to gabe at MS

[Exup]

Does anyone have any update on this.

Honestly, bitlocker "on the go" would be the correct way for the SD card encryption implementation in W10M...and it would be still usable if needed on other computers.

It doesn't make sense to keep all photos and videos on the SD card...and can't encrypt it...

[AndyCalling]

Bitlocker OTG would be the way Windows does this, but there are two problems. Firstly, this is only available on Win Pro or Enterprise for initiating Bitlocker on a drive. The internal drive is covered under the exception for small touch devices (as with tablets) but only applies to the internal boot drive. The way round this is to encrypt the card on your Win 10 Pro desktop or laptop PC, then it should work in all other versions of Windows since Bitlocker became a thing. Even version that do not have the native Bitlocker enabled such as Win 10 Home.

Give it a try. It works for my tablet, it may work for phones. Certainly MS has documented that it works on all SKUs of Windows (though they may not have been thinking about mobile, as is usual for Microsoft...).

This brings us to the second problem. The encryption on your phone's internal drive is hardware encryption (which is why it can 'encrypt' or 'decrypt' instantly, because it isn't really decrypting it is just unlocking the drive). The encryption used on an SD card via Bitlocker is software encryption. This will need to leverage your phone's processor to work the magic every time you use the SD card. Whilst this may be acceptable for storage of secure files, you will not want to be doing this to a card you intend to run apps from on a phone.

[EndOfRope]

Hi Andy,
if you think it may work for phones, how would you transfer the encrytion key to the phone? Would be nice if it could work for WM10.

[AndyCalling]

You would simply type in the Bitlocker password. What happens when you attach a BitLocker 2 GO device to any PC? A prompt to enter the password. If that doesn't appear, then MS must not have been considering Mobile when they stated that this works with all SKUs. My L930 has no SD slot so I cannot test. You'll have to try it yourself. All I can say is that this works on all W10 devices I have that have SD slots or USB ports. Just need to enable BitLocker on the storage device via a full W10 pro PC first.

[sidtek50]

Sorry to be "that guy" but I've just found out that Windows 10 mobile doesn't have the ability to encrypt the SD card and as a result of that, I'm returning my Lumia 640.

Yes, it's that serious. I loved my 640. The camera quality wasn't perfect and the build quality was a bit off (squeak in top right. Case didn't sit well) but the lack of sd encryption pushed me over the edge.

I store lots of sensitive files on my sd card such as my resume, my work emails/some attachments and photographs of friends/family. With a Windows Phone, if someone manages to get hold of your phone they could see all your data in plain text. This is 2016. What's going on Microsoft???

Your biggest rivals are encrypting (or at least give the option to encrypt an sd card) but Microsoft aren't? There doesn't seem to be any logic behind this whatsoever. I don't like Android , in fact, I hate it, but I have been forced to buy one and ditch my 640 because the android let's me encrypt my sd card.

We really need to push MS to build this feature in. It's no wonder why MS are struggling in this market when features which have been around on other phones for years aren't available on the latest W10 mobile.

Sorry for the rant but I seriously loved my Lumia but no encryption means less privacy and security and I cannot afford to take the gamble. All it takes is one unscrupulous person to dump your data online all because you didn't have the option to protect your sd card.

[evdel]

Wel at least in the last insider SDCard Encryption is available.