How long does it take a device in a Device encryption Policy to be encrypted?
I've created a policy for device encryption and added a pc to that policy. How long before the device will start the process of asking for the encryption setup? I've restart the pc a few times and it doesn't begin the encryption setup.
Encryption is on and policy enforced.
Thank you for reaching out to us,
The encryption process will start immediately once you've met the encryption requirements.
*device encryption is installed on the endpoint.
*TPM is enabled on the device.
Can you validate whether either of those two is missing on your target device?
Ahh. So the TPM is enabled.
And when you say device encryption is installed on the endpoint. Do you mean bitlocker? Or a sophos installer? Or is that something that we have to assign from Sophos Central. The documentation is not clear on this?
Hi Alberto Solano ,
Answering to your above question: The Device Encryption agent is installed on Windows computers automatically when you use the standard Windows agent installer (if you have the required license), which means you should have an encryption license and then downloaded the complete windows installer or if you have selected components based, you must have selected device encryption option as seen in below screenshot.
Find the below requirements for encryption setup:
Users must log on to their endpoints. They must be connected to and synchronized with Sophos Central.
Note: that remote logon is not supported.
The operating system must support BitLocker Drive Encryption.
Refer this to get Device Encryption step by step.
For the Device encyption system compatibility check, please click here.
Also, when all the above requirements are met, and still it is not encrypted, you could try the below steps:
Select the install option under Encryption drop-down box and save it.
The final step was to click on the Assign link. After doing this a window popped up on the endpoint asking to set a pin for bitlocker.
Thank you for the help.