Encrypted DAR implicit exclusion rules

This article provides a reference list of rules that are built into the Encrypted Data at Rest policy.

The following rules are not specific to any apps. Files contained in these paths do not contain any sensitive information, therefore their paths are bypassed for performance reasons.

Context
Rules
iOSLocation: Sandbox, Path: */com.apple.opengl/* 
Location: Sandbox, Path: */com.apple.metal/*
Android

Location: Sandbox, Path: */GPUCache/* 
Location: Sandbox, Path: */com.android.opengl.shaders_cache


Files in these paths are also excluded from encryption:

Context
Rules
AndroidLocation: SD Card, Path: */bluecedar-logfile.zip 
Location: Sandbox, Path: */mocana-map/logs/mapnext_*_log.txt


The following rules are defined for the TouchDown app to bypass MobileIron's app protection solution, which is known to interfere with Blue Cedar functionality.

  • Location: Sandbox, Path: */AppProtection*
  • Location: Sandbox, Path: app_collector/*
  • Location: Sandbox, Path: app_loader/*
  • Location: Sandbox, Path: storage/*
  • Location: Sandbox, Path: optimizedDex/*