With Sophos Mobile Encryption 2.0 the new keyring feature was introduced.
With this feature, it is not necessary to enter the password every time you open a file which was encrypted with the same key.
Instead, the key is added to the keyring of Sophos Mobile Encryption.
This article describes how these keys are secured.
Known to apply to the following Sophos product(s) and version(s)
Sophos Mobile Encryption for iOS
What To Do
Sophos Mobile Encryption does not add any cryptographic process to the operating system in order to secure the keys.
They are secured using the provided functionalities of the operating system. Only applications using the Sophos certificate are able to access the keys imported by Sophos Mobile Encryption.
These keys are only usable if the device is unlocked.