Safeguard 8 Managed Client Enhancement request for SafeGuard to disallow “suspension” of BitLocker on client.
Safeguard 8 Managed Client Enhancement request for SafeGuard to disallow “suspension” of BitLocker on client.
the FDE capability are primarily governed by the following requirements:
·
Maintain or improve existing security posture of the Windows 7 platform
·
Ensure end users cannot suspend/remove installed security controls
As our current FDE solution in the Windows 7 environment prevents end users from suspending/removing full disk encryption provided by Sophos Safeguard 7.x, we are looking to preserve the same level of security in
our upcoming Windows 10 platform

1 comment
-
There is no reliable way to detect who (user, process, ...) triggered the suspension. That means such setting could lead to dangerous situations potentially resulting in data loss. For example, when Windows 10 updates itself to a newer version, it will suspend BitLocker.
We will certainly look into a way of reporting suspension better.