This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
faust
Explorer
‎2026-03-18 01:56 AM
Jump to solution

What happens to BitLocker encryption after disabling Full Disk Encryption?

Hi CheckMates,

I have a question regarding the interaction between BitLocker and Harmony Endpoint Full Disk Encryption (FDE) on Windows devices.

Scenario:

  • A Windows device was originally encrypted using BitLocker.
  • Later, we enabled Full Disk Encryption (FDE) via Harmony Endpoint (EPMAAS).
  • According to documentation, Harmony FDE can take over management of BitLocker.

If we later disable the Full Disk Encryption policy in Harmony Endpoint, what happens to the disk encryption status on the device? Will the disk be decrypted after disabling FDE or will BitLocker management be handed back to the device, and the disk remain encrypted with BitLocker?

I want to understand if disabling FDE will leave the device unencrypted, or if BitLocker will continue to protect the disk as before.

0 Kudos
2 Solutions

Accepted Solutions
the_rock
MVP Diamond
MVP Diamond
‎2026-03-18 06:40 AM
Jump to solution

Im fairly sure BitLocker would protect the device, as before, if you disable FDE.

Best,
Andy
"Have a great day and if its not, change it"

View solution in original post

(1)
lluner
Advisor
‎2026-03-18 06:58 PM
Jump to solution

@faust 

In my tests, the interesting thing is whether you use BitLocker or FDE. I've had problems with BitLocker enabled, and when I tried to remove the endpoint, it caused problems with the operating system on Windows 11. Therefore, if you're going to use FDE, disable BitLocker and be careful when removing the antivirus with BitLocker enabled; I don't know how the new version 89 works.

View solution in original post

5 Replies
the_rock
MVP Diamond
MVP Diamond
‎2026-03-18 06:40 AM
Jump to solution

Im fairly sure BitLocker would protect the device, as before, if you disable FDE.

Best,
Andy
"Have a great day and if its not, change it"
(1)
the_rock
MVP Diamond
MVP Diamond
‎2026-03-18 11:11 AM
In response to the_rock
Jump to solution

@faust To be sure, I would definitely open TAC case to get an official answer.

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
(1)
faust
Explorer
‎2026-03-18 11:16 AM
In response to the_rock
Jump to solution

Thanks for the tip — much appreciated!

the_rock
MVP Diamond
MVP Diamond
‎2026-03-18 11:21 AM
In response to faust
Jump to solution

Of course, any time!

Best,
Andy
"Have a great day and if its not, change it"
(1)
lluner
Advisor
‎2026-03-18 06:58 PM
Jump to solution

@faust 

In my tests, the interesting thing is whether you use BitLocker or FDE. I've had problems with BitLocker enabled, and when I tried to remove the endpoint, it caused problems with the operating system on Windows 11. Therefore, if you're going to use FDE, disable BitLocker and be careful when removing the antivirus with BitLocker enabled; I don't know how the new version 89 works.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events