Information
You should require your users to use encryption on their mobile devices.
Rationale:
Unencrypted devices can be stolen and their data extracted by an attacker very easily.
Impact:
This setting should have no user impact, provided the device supports the feature.
Solution
To set mobile device management profiles, use the Microsoft 365 Admin Center:
Under Admin Centers select Endpoint Management.
Select Devices and then select Configuration profiles
Select Create profile
Set a Name for the policy, choose Android as the Platform and select Device restrictions
In the Password section, ensure that Encryption is set to Require.
Default Value:
Device encryption is not required by the O365 platform by default, although some mobile platforms are encrypted by default.