Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 5 subscribers
  • Views 10387 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Can't get Safegaurd to manage systems with multiple drives

mkinnick

My company has been trying to implement Safegaurd Enterprise but we are really stuck right now. Our systems are primarily Windows 8.1 laptops and about half of these have 2 drives, an SSD for the OS and a mechanical drive for data. On our laptops with just SSD's Safegaurd seems to work fine - after installing and rebooting the drive starts encrypting, and there is never a prompt for where to store the Bitlocker encryption key so the TPM module seems to be storing the keys for those. However on the ones with more than one drive the C: drive will start encrypting right away but we are prompted for a location to store the encryption key for the other drive. The laptops are a mix of different models with different models of hard drives and we've tried replacing the drives with all the different models that we have available and it does not make a difference. None of the hard drives we've tried are on Sophos' list of OPAL drives that are known to have issues with Safeguard managing Bitlocker on them.

I've had a ticket open with support for the last week or so and the only thing they've really been able to suggest is to clear the TPM and try installing again. Tried this a number of times and have had no luck. Help???

:55332


This thread was automatically locked due to age.
Parents
  • 0

    Thank you so much Chris, this worked! I did not realize tha the keys could be saved to another encrypted drive.

    However, now I'm running into another issue. I am testing recovery by updating the BIOS on the system. When I did this in the past I was able to go through the Recovery process in the Safegaurd Management Center and get the recovery key from there, enter it on the machine and unlock it.

    When I try to do this for the boot drive, it is asking me for a Challenge, which I would assume the system I'm trying to recover should give to me but the only option for recovery it is giving me is to "Plug in the USB drive that contains the Bitlocker recovery key". No option to enter a recovery key, no option for challenge. I definitely didn't save the key to a USB drive. Do I have something in the client configuration set wrong that is causing this?

    :55354
Reply
  • 0

    Thank you so much Chris, this worked! I did not realize tha the keys could be saved to another encrypted drive.

    However, now I'm running into another issue. I am testing recovery by updating the BIOS on the system. When I did this in the past I was able to go through the Recovery process in the Safegaurd Management Center and get the recovery key from there, enter it on the machine and unlock it.

    When I try to do this for the boot drive, it is asking me for a Challenge, which I would assume the system I'm trying to recover should give to me but the only option for recovery it is giving me is to "Plug in the USB drive that contains the Bitlocker recovery key". No option to enter a recovery key, no option for challenge. I definitely didn't save the key to a USB drive. Do I have something in the client configuration set wrong that is causing this?

    :55354
Children
No Data
Unfiltered HTML