Hi,
the article on the link below is not clear if that product can handle/protect Windows Servers. Can anyone confirm? We have an environment with Windows Server 2008 R2 and also Windows Server 2012 R2.
https://www.sophos.com/en-us/medialibrary/PDFs/factsheets/sophos-central-device-encryption-dsna.pdf
>>> If not, how to protect Windows server which maybe physically stoled???
tks
Hello Renato,
It’s possible to use BitLocker drive encryption policies from Active Directory in order to trigger encryption of these server OS'. The management of Recovery Keys will be done by your AD environment if done this way.
https://docs.microsoft.com/en-us/mem/configmgr/protect/deploy-use/bitlocker/deploy-management-agent
Configure BitLocker Management Services: When you turn on this setting, Configuration Manager automatically and silently backs up key recovery information in the site database. If you turn off or don't configure this setting, Configuration Manager doesn't save key recovery information.
Sophos CDE for management of keys won’t be possible on the Server OS'. CDE is only able to record workstation recovery keys.
Regards,
