Encryption method and reporting
You can encrypt volumes with software-based or hardware-based encryption.
Device Encryption always uses software-based encryption for new volumes, even if the drive supports hardware-based encryption.
If a drive is already encrypted with hardware-based encryption, it isn't changed.
If a BitLocker group policy setting requires hardware-based encryption, it isn't changed.
On the Devices > Computers page, you can filter computers according to their encryption status, for example, encryption method or computers that aren't encrypted. See Encryption status for possible encryption statuses.
A computer's details page shows the encryption method and algorithm used for a volume.
For Windows computers, you can also see Encrypted since. The information shown depends on the device:
- For computers already encrypted with Sophos Central Device Encryption, it shows the date and time the computer upgraded to Sophos Central Device Encryption version 2.1.
- For computers encrypted using another encryption product, it shows the date and time Sophos Central Device Encryption was installed.
- For new computers encrypted with Sophos Central Encryption 2.1 (or later), it shows the date and time of encryption.