Alerts for Device Encryption

These are the Device Encryption alerts.

There are the following types of alerts for Device Encryption:

Medium

Alert type

Description

Device is not encrypted

A volume is not encrypted even though it is supposed to be encrypted. A possible reason is that the user postponed encryption when the policy was applied.

Recovery key is missing

A recovery key for an encrypted volume cannot be found in the Sophos Central database.

Device Encryption is suspended

If you did not suspend Device Encryption, possible reasons are:

  • The recovery key is not yet stored in Sophos Central. Make sure that the endpoint has an internet connection.
  • Pre-provisioned BitLocker is not yet activated. Users need to define a PIN, password, or USB key to activate BitLocker.
  • Windows updates are being installed. BitLocker will automatically be un-suspended after the next restart.