I guess you are asking this because they are full disk encrypted, and decryption takes a long time.

The fastest way is usually to apply a fresh image. Sometimes, depending on the imaging software, an MBR repair is in order.

If that is not possible, there is no other alternative than to remove it the traditional way.

I am getting the windows error code 0x8024a105 after update the system into windows 10 and after that safeguard is not working. Is there any solution regarding this issue.

Hi Olivia, 

Please check out https://community.sophos.com/kb/en-us/124771 to see if you are using a supported version of the SafeGuard Enterprise client.

Would you, next time, mind creating a new item, by clicking the + NEW button top right?

Thanks & Regards,

 John

Is this is the best and right way for solving your all problem first let try this one it will help you ever?

Depends on what is in the policy exactly, but could be. But I usually recommend against decryption, and advise to put a fresh image on a machine and reset the MBR, which leaves you with a working Windows on an unencrypted disk.

I think a decryption policy is a good one to have within your policies. If a device needs to be taken to a country that doesn't play well with encryption (China etc..) then it's much easier to allow this user/device to decrypt if a unencrypted device isn't available for them to take. It's also possible that a device has a compatibility/performance issue being encrypted-  allowing the device to decrypt will help fault-find. 

I do advise that when moving the device to a new user then a complete format/wipe is actioned - for security more than anything, but I do think worth having the policy in place.

I think too that now SSD is becoming so common decrypting the device isn't that slow - most of our devices will decrypt/encrypt within 30 mins for the faster SSD. 

You forget to mention the USA border people. They will image your drive if they feel like it, or take it off you. If you have to go to such countries, take an old, empty, unencrypted laptop.
Don´t even think of decrypting your normal work laptop. This should be in a company policy.

Encryption causes no performance issues. Not even on SSD, when the CPU has Intel-NI.

Compatibility issues are almost always with third party encryption software, like PGPDisk. With SGN DE you boot with a CD that has the drivers on board, so repairs can be done while the disk stays encrypted. And don´t allow your staff to bring encryption software from home.

The only good reason to decrypt an SGN-DE encrypted drive is when your subscription has run out or you´re finished with an evaluation.

All IMHO.

Hi David Brayan 

Please suggest if you had the similar issue with windows update before Safeguard was uninstalled or if you are using Safeguard for a long time, would be able to remove Sophos from that machine and try to update it?