Microsoft allows a system administrator to set a policy that requires the users to enable Bitlocker encyption on any device before it can be written to. This is a pretty foolproof system to ensure that company data is always encrypted (except that you can always turn off encryption on a device, which will decrypt (not destroy) the data.
It's pretty simple in it's use and only mildly frustrating as you're waiting for the device's first encryption (it can take quite a while on a 1TB portable drive).
Except when you want to put something on your Kindle, old iPod Touch or in my case today on a USB flash drive in order to make it UEFI boot compatible.
Luckily it's quite easy to temporarily (until the policy gets refreshed) disable this through a small registry tweak (which requires you to run as local administrator).
Simply import the following to turn off the policy check:
Import this snippet to revert back to the secure state:
This is quite probably a breach in the security policy of your company. Use at your own risk.
It's pretty simple in it's use and only mildly frustrating as you're waiting for the device's first encryption (it can take quite a while on a 1TB portable drive).
Except when you want to put something on your Kindle, old iPod Touch or in my case today on a USB flash drive in order to make it UEFI boot compatible.
Luckily it's quite easy to temporarily (until the policy gets refreshed) disable this through a small registry tweak (which requires you to run as local administrator).
Simply import the following to turn off the policy check:
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\FVE] "RDVDenyWriteAccess"=dword:00000000
Import this snippet to revert back to the secure state:
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\FVE] "RDVDenyWriteAccess"=dword:00000001
This is quite probably a breach in the security policy of your company. Use at your own risk.