Q: Bitlocker Auto policy is deployed to a device but the encryption is not turning on automatically. Why?
Swif's Bitlocker policy works in these steps:
Checks are conducted in 5 - 10 minutes.
After a check, any problematic situation is identified (such as not being fully encrypted).
Then the Bitlocker Decryption process begins.
After that, the Encryption process for Full Encryption is initiated.
2 things to notice:
Turning off encryption and turning on encryption are time-consuming operations, depending on the device's storage.
It does not require a reboot.
If you want to monitor the Decryption and Encryption statuses, open a PowerShell window via "Run as Administrator" and execute the following command. During the Decryption process, you will see the 'Percentage Encrypted' value decrease, and it will increase during the Encryption process.
manage-bde.exe -status
Q: The escrow key is in Swif, but for some reason it still says unencrypted.
The encryption status is updated by the Swif agent so it will have some delay.