Le_Michel (Brass Contributor)
Aug 02, 2022
BitLocker compliance policies and MBAM
Hello, for the moment, we use MBAM to manage BitLocker encryption keys. We would like to use MEM compliance policy to audit encryption of our Windows devices (audit only - no remediation). I...
somesh_pathak (Iron Contributor)
Aug 02, 2022
Hi Le_Michel, both of these are included in the compliance policy, which means that the device will be evaluated on these policies, and based on the conditions configured, actions will be taken.
- Require BitLocker: If you set it to "Required," it will only check for encryption state at boot time. It can only protect data stored on the drive from unauthorized access when the system is off or hibernates.
- Encryption of data storage on a device: Indicates compliance with the enterprise encryption policy for system drives. It does not require a reboot to evaluate BitLocker compliance, so the disadvantage of it is that if you are using conditional access, it may block users from accessing corporate resources until the device is marked as compliant.
As you mentioned, you already have encryption forced through MBAM, so if co-management is enabled, you can use these in-compliance policies to evaluate your compliance. But if you have conditional access, you must proceed with caution.