The Client File System Agent (CFSA) can affect the operation of the BitLocker To Go encryption feature on endpoint computers.
If the CFSA is installed on an endpoint computer and configured to apply policy to files being copied to removable devices (such as USB drives or SD cards), BitLocker cannot initialize removable devices for encryption. That is, it cannot give these devices the "lockdown treatment". This is because the BitLocker initialization process is denied write access to the device by the CFSA.
Note: This problem only occurs if the CFSA is explicitly configured to apply policy to removable devices. Also, if a removable device has been initialized by BitLocker running on a different computer, the device can used on any endpoint computer hosting the CFSA, even if the CFSA is configured to apply policy to removable devices.
Copyright © 2014 CA.
All rights reserved.
|
|