We are testing deployment of Android Enterprise for our users. We are a O365 shop and use certificate authentication to verify users when configuring their email accounts on their device.
We have noticed a problem where that after the device is enrolled with the container, the certificate is accessible outside the container.
We use Outlook as our email client on mobile devices and after the certificate is in place in the container, a user can download Outlook outside the container and configure it successfully to receive email.
The Outlook inside the container does not have to be activated or configured for this scenario to work.
We use the same Cert on the device to authenticate for WiFi connection as well as O365. Is that the cause of the leakage? Should we not use the same Cert for both and create two separate Certs for email and then WiFi connection?
We look forward to your comments
Thanks
