cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

InstantGo Azure AD Join Encryption / Policy Required

Stuart King
Iron Contributor

‎Mar 26 2018 02:04 AM

‎Mar 26 2018 02:04 AM

InstantGo Azure AD Join Encryption / Policy Required

Hi All

 

Just need some clarification here.

 

It's my understanding that InstantGo devices are automatically encrypted when joined to Azure AD.

 

All good.

 

So, would there be a need to have a Device Configuration Policy for BitLocker or just a Compliance Policy to check that the encryption was successful?

 

Info greatly appreciated.

 

Stuart

1,812 Views
0 Likes
1 Reply
Reply
1 Reply
Oliver Kieselbach

‎Mar 27 2018 12:45 PM - edited ‎Mar 27 2018 01:03 PM

‎Mar 27 2018 12:45 PM - edited ‎Mar 27 2018 01:03 PM

Re: InstantGo Azure AD Join Encryption / Policy Required

Hi Stuart,

 

Yes they are encrypted but If you like to control things like removable data drives you would need one. In addition if the device is not InstantGo capable but an 1803 version of Windows 10 you can even enforce encryption ("Encrypt device" = Require) in silent activation if you choose the new setting "Warning for other disk encryption" to block. If not InstantGo and pre 1803 and "Encrypt device" = Require you will get an Wizard to guide the user to activate BitLocker.

 

Compliance is always good for reporting or in conjunction with Conditional Access a requirement.

 

best,

Oliver

 

0 Likes
Reply