Disk Encryption

Automatically adjust Trust Levels and enforce security policies based on whether specific files are on a device

  • Updated on May 21, 2024

Disk Encryption Overview

Disk Encryption assesses whether devices’ disk encryption is enabled.

How to add Disk Encryption as a Trust Factor

  1. In the Command Center, navigate from Trust > Profiles.

  2. Either select an existing Trust Profile or create a new one.

  3. Under the Trust Factors tab, select + Add Trust Factors if creating a new Trust Profile; select Edit and then +Add Trust Factors if adding new Trust Factors to an existing Trust Profile. Select Disk Encryption.

  4. Set the Trust Effect.

How Cloud Secure Edge Collects the Disk Encryption Trust Factor

OS Command Input Expected Output
macOS fdesetup isactive TRUE
Windows (pre v.3.6) manage-bde -status BitLocker Drive Encryption: ; Volume C: []; [OS Volume]; Size: x GB; BitLocker Version: x ; Conversion Status: Used Space Only Encrypted; Percentage Encrypted: 100.0% ; Encryption Method: XTS-AES 128 ; Protection Status: Protection On
Windows (v.3.6 and later) Get-BitlockerVolume ComputerName: x ; VolumeType; Mount CapacityGB, etc.
Linux lsblk --json -o NAME,FSTYPE,MOUNTPOINT Â