Bitlocker Sophos

Posted : admin | On 30-04-2021



  1. Bitlocker Sophos Download
  2. Sophos Bitlocker Bios Updates
  3. Bitlocker Sophos Software

Microsoft BitLocker is most compared with Symantec Endpoint Encryption, McAfee Complete Data Protection, ESET Endpoint Encryption, Trend Micro Endpoint Encryption and WinMagic SecureDoc, whereas Sophos SafeGuard is most compared with Cisco AMP for Endpoints, Trend Micro Endpoint Encryption, Symantec Endpoint Encryption, ESET Endpoint Encryption and Digital Guardian. SafeGuard Enterprise enhances BitLocker capabilities significantly. Security policies for BitLocker can be centrally rolled out thanks to SafeGuard Enterprise. Even critical processes such as key management and key recovery are available when BitLocker is managed with SafeGuard Enterprise. Manage BitLocker: Manage FileVault: Hosted in the cloud – no server to deploy: Manage encryption alongside endpoint, server, mobile, firewall, email and other Sophos protection products: Available through the same agent as Sophos Intercept X: Secure document sharing: Self-service PIN/password recovery: Prompt users for regular PIN/password. Sophos Central Device Encryption allows you to manage BitLocker Drive Encryption on Windows endpoints and FileVault encryption on Mac endpoints via Sophos Central. Encrypting hard disks keeps data safe, even when a device is lost or stolen. This guide describes how to set up and use Device Encryption.

  • This article will show you how to decrypt the drive after the drive has been encrypted using Sophos Central on Windows 10 and Windows 7.
  • To decrypt the drive that we have encrypted with Sophos Central on Windows 7 and Windows 10 we need to install Sophos Endpoint Protection and use Sophos Central to create the Policy to encrypt the previous drive.
  • To perform disk encryption using Sophos Central for both Windows 10 and Windows 7 you can see the instructions at the link below.
  • After the drive encryption is finished, we will proceed to decrypt the drive as instructed below.

Configuring

  • After the drive on the machine is encrypted, we cannot arbitrarily decrypt the drive.
  • If we try to decode, the system will automatically re-encrypt the drive.
  • To decrypt the drive we need to contact the administrator to administer the encryption policy off on the computer or remove the computer from that encryption Policy.
  • To do that we have to log into Sophos Central with an account with Admin rights.
  • Click Devices and select the encrypted host name that we need to decrypt.
  • Clicking on the Policies tab, we will see that the Policies have been applied to the machine.
  • Click on the Policy we created to encrypt the machine, and the Policy edit panel will appear, select the POLICY ENFORCE tab and turn off the policy then click Save.
  • Next we will perform disk decoding.

For Windows 10

Sophos

Bitlocker Sophos Download

  • Open ThisPC > right click on the encrypted drive select Manage BitLocker > Select Turn Of BitLocker and Decrypt process will start.

For Windows 7

  • Click the Windows icon and enter the ‘bitlocker’ search box and select BitLocker Drive Encryption.
  • Next select Turn Of BitLocker to Decrypt drive.

YOU MAY ALSO INTEREST

You can find encryption recovery keys.

You can get a device encryption recovery key by entering a volume or recovery identifier.

Retrieve recovery key (Windows computers)

If users are unable to log in to their encrypted computer, you can get a recovery key which is used to unlock the computer. There is a recovery key for each volume of a BitLocker protected computer. It is created and backed up in Sophos Central before the computer is encrypted.

Note When Sophos Device Encryption is installed, existing BitLocker recovery keys are replaced automatically and can no longer be used.
Note Even if a policy has been disabled and the computer's Device Encryption status is shown as 'Unmanaged', you can get a recovery key if one is available.

To get the recovery key, go to Computers, select the computer you want to recover, and click More > Retrieve Recovery Key. If you cannot find the computer in the list, you need the recovery key identifier or the volume identifier and use it in the recovery wizard, as follows:

  1. Tell the user to restart the computer and press the Esc key in the BitLocker logon screen.
  2. Ask the user to provide you with the information displayed in the BitLocker recovery screen.
  3. In Sophos Central, go to Computers and click More > Retrieve Recovery Key.
  4. Enter at least five characters of the recovery key identifier or the volume identifier provided by the user.
  5. Click Show Key to display the recovery key.
    Note If you enter a volume identifier, Sophos Central displays all available recovery keys for this volume. The latest recovery key is the top one.
  6. Make sure that the user is authorized to access the encrypted device before you provide the recovery key.
    Note As soon as a recovery key is displayed to you as administrator, it is marked as used and will be replaced at the next synchronization.
  7. Give the recovery key to the user.

The user can now unlock the computer. Users of computers running Windows 8 or later are prompted to create a new PIN or password. Instructions for creating the PIN or password are displayed automatically.

After the computer has been recovered, a new recovery key will be created and backed up in Sophos Central. The old one will be deleted from the computer.

Sophos Bitlocker Bios Updates

Retrieve recovery key (Macs)

If users forget their login password, you can get a recovery key which is used to unlock the computer.

To get the recovery key, go to Computers, select the computer you want to recover, and click More > Retrieve Recovery Key. If you cannot find the computer in the list, you need the recovery key identifier or the volume identifier and use it in the recovery wizard, as follows:

  1. Tell the user to switch on their computer and wait until the Recovery Key ID is displayed.
    Note The recovery key ID is displayed for a short time. To display it again, users must restart their computer.
  2. Ask the user to tell you the Recovery Key ID.
  3. In Sophos Central, go to Computers and click More > Retrieve Recovery Key.
  4. Enter at least five characters of the recovery key identifier.
  5. Click Show Key to display the recovery key.
  6. Make sure that the user is authorized to access the encrypted device before you provide the recovery key.
  7. Give the recovery key to the user.
    • For users imported from Active Directory, continue to step 8.
    • For all other users, go straight to step 10.
  8. Reset the existing password in Active Directory. Then generate a preliminary password and give it to the user.
  9. Tell the user to click Cancel in the Reset Password dialog and enter the preliminary password instead.
  10. Tell the user to do as follows:
    • Create a new password.
    • Click Create New Keychain if prompted.

The user can access the computer again.

Bitlocker Sophos Software

No new recovery key is created. The existing recovery key remains valid.