How to use the registry to verify the disk encryption status
It is possible to query Registry Settings to verify an endpoint’ encryption status.
Query the dword value DiskEncrypted located under HKEY_LOCAL_MACHINE\SOFTWARE\WinMagic\
Value | Definition |
0 | Decrypted or Plaintext |
1 | All disks encrypted |
2 | A USB or secondary disk is in plaintext |
3 | A USB or secondary disk has been wiped |
4 | Endpoint is configured for Removable Media Only. Disk is in plaintext |
5 | Disk is encrypting |
6 | Encryption is not supported. This could be an SED standard that isn’t supported, or a Bitlocker configuration that isn’t supported. |
7 | The disk is already encrypted but not managed by SecureDoc |
8 | The disk is already encrypted, and we are in the process of managing it |
9 | A disk is in the process of being decrypted. |
10 | A reboot is required. |
Custom Fields
• Operating System: Windows
• Version: Affects all versions of SD