The following nine steps walk through the process of adding this new policy setting in Microsoft Intune and distributing it to Windows 11 devices. When multiple drives should be listed, the different values can be separated by a comma. The Hardware ID can be found in the Details tab in the Properties of a device in the Device Manager.
That setting requires a String data type value of the Hardware ID of the removable drive. A nice self explanatory setting that can be used exclude removable drives from the encryption requirement. That new policy setting is RemovableDrivesExcludedFromEncryption. Starting with Windows 11 Insider Preview Build 22579, Microsoft introduced a new policy setting as part of the BitLocker CSP.
Creating custom device configuration policy to exclude removable drives Setting is available starting with Windows 11 Insider Preview Build 22579. Important: This post relies on functionality that is at the moment of writing only available in Windows 11 Insider Preview Builds in the Dev Channel. Note: The configuration to require encryption of removable drives is referring to using the RemovableDrivesRequireEncryption policy setting when using MDM, or to using the Deny write access to removable drives not protected by BitLocker when using Group Policy. This post will end with the user experience. This post will introduce that new policy setting and will walk through the configuration of that policy setting. Even when encryption of removable drives is required. That policy can be used to create an exclusion list of devices for which the user will not be prompted for encryption. To address that challenge, Microsoft has introduced a new policy. That, however, would often cause more problems than solutions. That would also require that type of storage to be required, when read access wasn’t sufficient.
When organizations have configured that removable drives require encryption, that introduces challenges with storage built into specialized devices like video cameras, voice recorders, conferencing systems, medical devices and many more. That scenario is around removable USB-drives and automatic encryption. This week a short blog post to address a scenario that’s been challenging for a while.
0 kommentar(er)
