Troubleshooting Windows Disk Encryption

You have installed the Vanta Agent and followed the steps to encrypt the disk on a Windows device. Vanta is still reporting that the disk is not encrypted. 

 

1. Confirm that the disk is fully encrypted with PowerShell

  • After opening PowerShell as an administrator, run the following command:
manage-bde -status

PowerShellEncryption.png

  • Ensure that the Percentage Encrypted is "100.0%" and that the Protection Status is "On." If this is not the case, there may have been an issue encrypting the disk, and you should attempt to re-encrypt it.

2. If you've confirmed with the instructions above that the disk is fully encrypted, please follow the steps below:

  • Uninstall the Vanta agent from the control panel or by running the following commands in PowerShell:
$application = Get-WmiObject -Class Win32_Product -Filter "Name = 'Vanta Agent'"
$application.Uninstall()
  • *Optional* Re-encrypt your machine to verify everything has been encrypted correctly
  • Restart your machine
  • Reinstall the Vanta Agent

3. If you've performed all of the steps above and disk encryption is still not showing correctly in Vanta for a machine, please send Vanta Support the following information:

  • A screenshot of the output of the manage-bde -status command ran in step 1 above
  • A screenshot of the following command run in Command Prompt as an administrator:
C:\PROGRA~1\Vanta\vanta-cli list encryption

VantaCliEncryptionStatus.png

  • A zipped file containing all available Vanta Agent Logs from C:\PROGRA~1\Vanta\log

VantaLogs.png

 

 

Updated