7.14	Configure Security Encryption

GFI EndPointSecurity can detect drives encrypted with BitLocker To Go. To enable this feature;

1. Click the Configuration tab.

2. Click Protection Policies and select the required policy.

3. Under Security section in the right pane, click Encryption.

Screenshot 84 - BitLocker To Go encryption

4. In the encryption dialog, click Enable detection of Windows 7.. to enable encryption.

5. Click Permission tab to configure which users have access to encrypted devices. Click Add to include active directory users.

6. Click File-type Filter to configure which files are to be restricted access.

7. Select the restriction to apply;

•	Use the same File-Type filters used for non-encrypted devices.

•	Allow all files but block the usage of the following file types.

•	Block all files but allow the usage of the following file types.

8. Click Add to select the file type and the user(s)/group(s) to which the restriction will apply. Repeat for each file type you want to restrict.

9. Click OK twice to finalize settings.