There seems to be some debate over whether or not the SD card can be encrypted; Android did not support external media encryption when it was introduced, and the current state of that feature seems to vary significantly between the various versions of Android.

The most authoritative source I can seem to find is from a forum post (the author may be a Google Software Engineer:

2012/1/10 Marc Blank [email protected]: The answer here is somewhat nuanced. ActiveSync can require that the device and/or sd card be encrypted, and we enforce those policies in ICS; however, ICS does not have the ability to encrypt removable storage (i.e. SD cards). So here's what happens:

1. In all current versions of ICS (up to 4.0.3), we accept the "encrypt device" requirement and reject the "encrypt sd card" in all cases (reject = we don't allow the account to be created/synced on device) 2) In the next update to ICS, we will also accept "encrypt sd card" if and only if the device is encrypted and it has no removable volumes (this is true of the Nexus S and Galaxy Nexus); on these devices, all internal storage is encrypted when device encryption is enabled.

Having said that, the Email/Exchange application never stores emails other than in internal storage; however, user can still choose to save attachment files to "sd card" (which may or may not be external) unless, of course, the ActiveSync policies are set up to disallow loading of attachments.

Does this make sense? Sorry if it's complicated, but ... that's how it is!

Marc

Having said that, in general I agree with the comment by Polynomial - it will probably be impossible to recover the contents of the SD card.

There seems to be some debate over whether or not the SD card can be encrypted; Android did not support external media encryption when it was introduced, and the current state of that feature seems to vary significantly between the various versions of Android.

The most authoritative source I can seem to find is from a forum post (the author may be a Google Software Engineer:

2012/1/10 Marc Blank [email protected]: The answer here is somewhat nuanced. ActiveSync can require that the device and/or sd card be encrypted, and we enforce those policies in ICS; however, ICS does not have the ability to encrypt removable storage (i.e. SD cards). So here's what happens:

1. In all current versions of ICS (up to 4.0.3), we accept the "encrypt device" requirement and reject the "encrypt sd card" in all cases (reject = we don't allow the account to be created/synced on device) 2) In the next update to ICS, we will also accept "encrypt sd card" if and only if the device is encrypted and it has no removable volumes (this is true of the Nexus S and Galaxy Nexus); on these devices, all internal storage is encrypted when device encryption is enabled.

Having said that, the Email/Exchange application never stores emails other than in internal storage; however, user can still choose to save attachment files to "sd card" (which may or may not be external) unless, of course, the ActiveSync policies are set up to disallow loading of attachments.

Does this make sense? Sorry if it's complicated, but ... that's how it is!

Marc

Having said that, in general I agree with the comment by Polynomial - it will probably be impossible to recover the contents of the SD card.

There seems to be some debate over whether or not the SD card can be encrypted; Android did not support external media encryption when it was introduced, and the current state of that feature seems to vary significantly between the various versions of Android.

The most authoritative source I can seem to find is from a forum post (the author may be a Google Software Engineer:

2012/1/10 Marc Blank [email protected]: The answer here is somewhat nuanced. ActiveSync can require that the device and/or sd card be encrypted, and we enforce those policies in ICS; however, ICS does not have the ability to encrypt removable storage (i.e. SD cards). So here's what happens:

1. In all current versions of ICS (up to 4.0.3), we accept the "encrypt device" requirement and reject the "encrypt sd card" in all cases (reject = we don't allow the account to be created/synced on device) 2) In the next update to ICS, we will also accept "encrypt sd card" if and only if the device is encrypted and it has no removable volumes (this is true of the Nexus S and Galaxy Nexus); on these devices, all internal storage is encrypted when device encryption is enabled.

Having said that, the Email/Exchange application never stores emails other than in internal storage; however, user can still choose to save attachment files to "sd card" (which may or may not be external) unless, of course, the ActiveSync policies are set up to disallow loading of attachments.

Does this make sense? Sorry if it's complicated, but ... that's how it is!

Marc

Having said that, in general I agree with the comment by Polynomial - it will probably be impossible to recover the contents of the SD card.

There seems to be some debate over whether or not the SD card can be encrypted; Android did not support external media encryption when it was introduced, and the current state of that feature seems to vary significantly between the various versions of Android.

The most authoritative source I can seem to find is from a forum post (the author may be a Google Software Engineer:

2012/1/10 Marc Blank [email protected]: The answer here is somewhat nuanced. ActiveSync can require that the device and/or sd card be encrypted, and we enforce those policies in ICS; however, ICS does not have the ability to encrypt removable storage (i.e. SD cards). So here's what happens:

1. In all current versions of ICS (up to 4.0.3), we accept the "encrypt device" requirement and reject the "encrypt sd card" in all cases (reject = we don't allow the account to be created/synced on device) 2) In the next update to ICS, we will also accept "encrypt sd card" if and only if the device is encrypted and it has no removable volumes (this is true of the Nexus S and Galaxy Nexus); on these devices, all internal storage is encrypted when device encryption is enabled.

Having said that, the Email/Exchange application never stores emails other than in internal storage; however, user can still choose to save attachment files to "sd card" (which may or may not be external) unless, of course, the ActiveSync policies are set up to disallow loading of attachments.

Does this make sense? Sorry if it's complicated, but ... that's how it is!

Marc

Having said that, in general I agree with the comment by Polynomial - it will probably be impossible to recover the contents of the SD card.