Encryption Invoked by Bitlocker but not from The Safegaurd Console

Hi All,

we are facing this problem when we install Sophos Safegaurd: 8.00.251 and later on Windows 10 Machine (1709- or 1803) on Dell Latitude E7270;E7280:7480 when we restart the machine and logon withth e user the pc is encrypted directly by windwos bitlocker , but bitlocker is not engaged by Sophos Safeguard (policy) so than the machine appear as crypted by bitlocker AES 128 and not 256. It appear also the propt of safegaurd to set the pin with postpone or encrypt and not restart and encrypt. The solution that we found is to uninstall Safeguard , restart the machine than from windows cmd we  run the command manage-bde off C: and then reinstall, Please could you help me on this issue? On old Dell Latitude or Lenovo there is not this issue.

  • Hi Pietro,

    Thank you for contacting us. This seems like there could already be a Bitlocker policy in place enforced via GPO to encrypt the driver! Can you please help us with a screenshot of the encryption policy in place? Have you tried using the latest version of SafeGuard available?

    Pietro Guzzetti
    It appear also the propt of safegaurd to set the pin with postpone or encrypt and not restart and encrypt

    Can you please help m with a screenshot of this as well?

    Also after encryption does the endpoint report to SafeGuard console as encrypted ? Are you able to perform recovery as well for those machines?

    Pietro Guzzetti
    The solution that we found is to uninstall Safeguard , restart the machine than from windows cmd we  run the command manage-bde off C: and then reinstall

    This basically turns off bitlocker manually and re installs SafeGuard to re-enforce encryption via SafeGuard policy! Hence I strongly suspect GPO's involvement in the new endpoints!