deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 21:37:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
windows-itpro-docs/windows/security/operating-system-security/data-protection/bitlocker/includes/require-device-encryption.md
Paolo Matarazzo e7b1512e60 updates
2023-09-25 12:49:46 -04:00

1.4 KiB
Raw Blame History

author, ms.author, ms.date, ms.topic
author ms.author ms.date ms.topic
paolomatarazzo paoloma 09/24/2023 include

Require device encryption

This policy setting determines whether BitLocker is required on a drive.
If you disable the policy, BitLocker isn't turned off for the system drive, but it stops prompting the user to turn BitLocker on.

Encryptable fixed data volumes are treated similarly to OS volumes. However, fixed data volumes must meet other criteria to be considered encryptable:

  • It must not be a dynamic volume
  • It must not be a recovery partition
  • It must not be a hidden volume
  • It must not be a system partition
  • It must not be backed by virtual storage
  • It must not have a reference in the BCD store

Note

Only full disk encryption is supported when using this policy for silent encryption. For non-silent encryption, encryption type will depend on the Enforce drive encryption type on operating system drives and Enforce drive encryption type on fixed data drives policies configured on the device.

Path
CSP ./Device/Vendor/MSFT/BitLocker/RequireDeviceEncryption
GPO Not available