I have a question about the key rotation at the end of their lifetime.
as per audit review the following question came up and i am uncentain if we need to create a pollicy outside of sophos or if sophos already mannage this.
Keys are changed at the end of the defined cryptoperiod?
my questions are:
I could not find this in any documentation.
There are two keys in play here. The bulk encryption key that Bitlocker uses on the drive which is stored in the TPM and the Recovery key.
Central Device Encryption stores the Recovery Key and polls the…