The Intune team has received reports that some Android devices appear to be encrypted out of the box, even though the Company Portal app detects that the devices are not encrypted. Our investigation revealed that some Android device manufacturers are encrypting devices using methods outside of what is recommended by the Android Compatibility Definition document (section 9.9) published by Google. A specific device where we are consistently finding encryption errors in our testing is with the Huawei Honor 8. The Intune Company Portal app is correctly preventing these devices from accessing protected resources since the devices don’t meet Android and Intune guidelines.
To work around this, you will have to determine:
- If encryption is important to your device strategy.
- If encryption is important, then consider using Intune app protection policies as described here.
You can run a report within Intune to determine which devices are compliant. For more information about how to remediate devices that are in this state, visit https://docs.microsoft.com/intune/enduser/your-device-appears-encrypted-but-cp-says-otherwise-android.