As a Workspace ONE UEM admin, you can encrypt user information to further secure your user data, which includes an end user's first name, last name, email, and phone number.

Activating this feature limits some Workspace ONE UEM functionality, such as search, sort, and filter. Consider the implications carefully before activating the feature.

What can you do with the Data Security settings page?

The path to the settings page on the UEM console is Groups & Settings > All Settings > System > Security > Data Security.

With the Data Security settings page, you can activate the data encryption feature and then choose the user information that you want to encrypt.

Determine your Organization group hierarchy

Before you review and modify the settings, understand the two types of inheritance/override options for the organization group hierarchy available at the top and bottom of the settings page and determine your choice. For more information about these settings, see Override Versus Inherit Setting for Organization Groups.

  • Current Setting – Select whether to Inherit or Override the displayed settings. Inherit means use the settings of the current organization group's parent OG, while Override enables the settings for editing so you can modify the current OG's settings directly.
  • Child Permission – Select the available behavior of child organization groups that exist below the currently selected organization group. Inherit only means child OGs are only allowed to inherit these settings. Override only means they override the settings, and Inherit or Override means you can choose to inherit or override settings in child OGs that exist below the currently selected OG.

Encrypt User Information

You can select Enabled to activate the data encryption and then select each user data field you would like to encrypt. Encrypting a field means it will not display in other parts of the Workspace ONE UEM console. However, doing so also deactivate search, sort and filter on the items selected.