Encryption Settings Parent topic

Mobile Device Agent provides on-the-fly data encryption function to secure data on mobile devices. Two encryption algorithms are available: Advanced Encryption Standard (AES, with 128-bit, 192-bit, or 256-bit keys) and XTS-Advanced Encryption Standard (AES).
Note
Note
Mobile Security can only manage the data security policy on Windows Mobile devices.
You can select specific file types to encrypt on Windows Mobile devices, the encryption algorithm to use, trusted applications that are allowed to access encrypted data, or apply data encryption on memory cards inserted on mobile devices.
Mobile Device Agent does not encrypt Dynamic Link Library (*.DLL) files. Mobile Device Agent only encrypts files that a user has modified. Reading a file and closing it without any modifications does not result in the file being encrypted.
After the Encryption Module is enabled, certain file types and PIM information are encrypted. These file types and PIM Information are listed in the following table.
Encrypted Information
Types
File Types
  • doc
  • txt
  • ppt
  • pxl
  • pdf
  • xls
  • psw
  • docx
PIM Information
  • Contacts
  • Mail
  • Tasks
  • Calendar
  • SMS
  • MMS
The Encryption Module only allows trusted applications to access encrypted data. Therefore, you must add these applications to the trusted application list. To add software to the trusted application list, add the full software path to the appropriate list under: "Allow more applications to access encrypted data".
Note
Note
For advanced configuration, you can set Mobile Security to encrypt other file types. To enable encryption of custom file types, set the parameter Enable_Custom_Extension to 1 in the file TmOMSM.ini (located in \Trend Micro\Mobile Security). When the parameter is set to "1" in the file TmOMSM.ini, the Encrypt other file types field displays in the Data Security Policies screen. Specify the file types in this field.
To disable this feature, set the parameter Enable_Custom_Extension to 0. When the parameter is set to "0" in the file TmOMSM.ini, the Encrypt other file types field is not available in the Data Security Policies screen.
After making the change in the TmOMSM.ini file, restart Mobile Security Management Module Service service for the change to take effect.
WARNING
WARNING
Trend Micro does not recommend customizing file types for encryption. You cannot encrypt certain files types (for example, .exe, .cert, .dll, etc.). If you set Mobile Security to encrypt file types that should not be encrypted, unexpected system errors may occur.