Cloud Secure Edge Docs
Secure Connectivity
Policy Controls
Administer Cloud Secure Edge
More Resources
Disk Encryption
Automatically adjust Trust Levels and enforce security policies based on whether specific files are on a device
Updated On: Jun 30, 2025
Disk Encryption Overview
Disk Encryption assesses whether devices' disk encryption is enabled.
How to add Disk Encryption as a Trust Factor
In the Command Center, navigate from Trust > Profiles.
Either select an existing Trust Profile or create a new one.
Under the Trust Factors tab, select + Add Trust Factors if creating a new Trust Profile; select Edit and then +Add Trust Factors if adding new Trust Factors to an existing Trust Profile. Select Disk Encryption.
Set the Trust Effect.
How Cloud Secure Edge Collects the Disk Encryption Trust Factor
| OS | Command Input | Expected Output |
|---|---|---|
| macOS | fdesetup isactive | TRUE |
| Windows (pre v.3.6) | manage-bde -status | BitLocker Drive Encryption: ; Volume C: []; [OS Volume]; Size: x GB; BitLocker Version: x ; Conversion Status: Used Space Only Encrypted; Percentage Encrypted: 100.0% ; Encryption Method: XTS-AES 128 ; Protection Status: Protection On |
| Windows (v.3.6 and later) | Get-BitlockerVolume | ComputerName: x ; VolumeType; Mount CapacityGB, etc. |
| Linux | lsblk --json -o NAME,FSTYPE,MOUNTPOINT |
