Morning everyone - Just a heads up if you're not aware.
There's a known issue now with SED (Self encrypting drives) and how encryption can be bypassed.
You'll possibly need to check your GPO's to make sure SOFTWARE is used in preference to hardware (I know...seems odd even saying it!)
Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives
"This policy controls how BitLocker reacts when encrypted drives are used as operating system drives. Using hardware-based encryption can improve the performance of drive operations that involve frequent reading or writing of data to the drive."
https://www.bleepingcomputer.com/news/security/flaws-in-popular-ssd-drives-bypass-hardware-disk-encryption/ is a good article though that talks you through it.
I'd like to point out this is NOT a Sophos issue as such - It's actually the SSD manufacturers, that in turn have had their issue highlighted by a default MS setting that controls BL that Sophos also manages.... If that makes sense!
So - Check your GPO's please people and also any SED if you have them! There's firmware available for some drives already too...
This thread was automatically locked due to age.