Disk Encryption
Automatically adjust Trust Levels and enforce security policies based on whether specific files are on a device
- Updated on May 21, 2024
- Disk Encryption Overview
- How to add Disk Encryption as a Trust Factor
- How Cloud Secure Edge Collects the Disk Encryption Trust Factor
Disk Encryption Overview
Disk Encryption assesses whether devices’ disk encryption is enabled.
How to add Disk Encryption as a Trust Factor
-
In the Command Center, navigate from Trust > Profiles.
-
Either select an existing Trust Profile or create a new one.
-
Under the Trust Factors tab, select + Add Trust Factors if creating a new Trust Profile; select Edit and then +Add Trust Factors if adding new Trust Factors to an existing Trust Profile. Select Disk Encryption.
-
Set the Trust Effect.
How Cloud Secure Edge Collects the Disk Encryption Trust Factor
| OS | Command Input | Expected Output |
|---|---|---|
| macOS | fdesetup isactive |
TRUE |
| Windows (pre v.3.6) | manage-bde -status |
BitLocker Drive Encryption: ; Volume C: []; [OS Volume]; Size: x GB; BitLocker Version: x ; Conversion Status: Used Space Only Encrypted; Percentage Encrypted: 100.0% ; Encryption Method: XTS-AES 128 ; Protection Status: Protection On |
| Windows (v.3.6 and later) | Get-BitlockerVolume |
ComputerName: x ; VolumeType; Mount CapacityGB, etc. |
| Linux | lsblk --json -o NAME,FSTYPE,MOUNTPOINT |
Can’t find what you’re looking for?
We’re happy to help. Contact our team.