Sprinto Dashboard

How to resolve Sprinto check to enable encryption on staff device

About

Sprinto check: Disk encryption should be enabled on staff device

The above Sprinto check fails if the staff device's storage encryption is disabled.

Purpose

All modern operating systems come with an in-built encryption algorithm to encrypt device data. Storage encryption provides an additional security layer, as the encrypted data can only be accessed using the key stored on the device. Device storage encryption ensures the data remains safe even if the device gets unauthorized access.

Enabling device storage encryption

Follow the below applicable procedure to enable device storage encryption:

  • Mac OS:

Before you begin:

  • Ensure you log in as Administrator on the Mac device you want to enable FileVault.

  • You'll choose the drive recovery method for data recovery if you forget the login password.

    • iCloud: Allows you to recover your storage drive using your iCloud ID and Password if you use it on your Mac device for storage backup.

    • Recovery key: Allows you to recover your storage drive using the Recovery key.

Note: Follow these rules for the Recovery key-based method.

- Ensure you store the encryption Recovery key in a location other than the encrypted drive.

- If you write the key down, copy the letters and numbers shown precisely.

- Keep the key in a safe location that you'll remember.

Procedure:

Follow the below instructions to enable FileVault encryption on Mac:

  1. On your Mac, click Apple Menu and select System Settings.

  2. From the System Settings window, select Privacy & Security, then scroll down to the FileVault section.

  3. Click Turn On.. to enable FileVault.

  4. Select a disk recovery method, then click Continue. Note: We recommend using iCloud-based recovery if you use the service; otherwise, select the Recovery key-based method.

  5. If you choose the Recovery key option in the previous window, the recovery key will be displayed. Copy the key to a safe location other than the drive you are encrypting that you'll remember, and Click Continue to proceed.

  6. Disk encryption starts. Depending on your disk storage size, it may take a few minutes. Upon completion, you will see the "Encryption finished" message displayed.

  • Windows OS:

Note: The procedures below apply only to the Windows Professional variant. If your machine runs on Windows Home, please upgrade to Windows Professional.

Follow the below applicable procedure to enable the disk encryption:

Windows 10

  1. Device Encryption

    1. Sign in to Windows with an administrator account (you may need to sign out and log in to switch accounts).

    2. Select the Start button, then navigate to Settings > Update & Security > Device Encryption. If Device encryption is not visible, consider using standard BitLocker encryption as an alternative.

    3. If device encryption is turned off, select Turn on.

  2. Standard BitLocker Encryption

    1. Sign in to your Windows device with an administrator account.

    2. In the search box on the taskbar, type Manage BitLocker and select it from the results. Alternatively, select Start, then under Windows System, choose Control Panel. In the Control Panel, go to System and Security > BitLocker Drive Encryption > Manage BitLocker.

    3. Select Turn on BitLocker and follow the provided instructions.

Windows 11

  1. Turn on Device EncryptionSign into Windows with an administrator account (you may need to sign out and log in to switch accounts).

  2. Select Start > Settings > Privacy & security > Device Encryption. If Device encryption is not visible, consider using standard BitLocker encryption.

  3. If Device encryption is turned off, turn it on.

  4. Turn on Standard BitLocker Encryption. Sign in to your Windows device with an administrator account.

  5. In the taskbar search box, type Manage BitLocker and select it from the results. Alternatively, select Start > Settings > Privacy & security > Device encryption > BitLocker drive encryption.

  6. Select Turn on BitLocker and follow the provided instructions.

For further details and to check if your device supports device encryption, refer to Device Encryption in Windows.

  • Linux OS:

For detailed instructions, refer to the documentation on enabling data encryption for Linux devices.

Please get in touch with Sprinto Support if you have any queries related to the Sprinto check or need any assistance.

PreviousHow to resolve Sprinto check to enable backup on Azure DisksNextHow to resolve Sprinto check to enable storage encryption on AWS FSx File System