Skip to content

Encryption for endpoints with Windows operating systems


This feature is supported on installed drives only. It is not yet available for removable drives.

Coro lets you remote encrypt disks on endpoint devices.

The device does not have to be online at the time you apply encryption. Once you set encryption in motion, the next time the device comes back online, it will be completed.

Encrypt a drive

Coro applies disk encryption in computers that are running on MS Windows using BitLocker. You do not have to interact with BitLocker during the process.

Encrypt the drive for a device

  1. From the Actionboard:

    Navigate to the Ticket Log area. OR Click Devices to scroll down to the device summary and click the Unencrypted Endpoint Drive link for any device.

    The Ticket Log is displayed.

  2. From the relevant ticket, select Actions > Encrypt drive.


    If multiple drives must be encrypted, the order of encryption is: first the drive where the operating system is installed and then other drives.

  3. Alternatively, select the Close ticket upon confirmation checkbox to instruct Coro to automatically close the ticket once the device is encrypted.

  4. In the confirmation that is displayed, click Yes.

    The Activity Log updates with a notification that drive encryption has been requested for the device. Following verification that the drive can be encrypted, Coro performs the encryption and updates the notification to "Encryption succeeded".

    For your convenience, the recovery key for accessing the encrypted data appears in the Activity Log.

    Drive encryption on device

Check summary status of all the devices in a workspace

You can quickly find the devices that have unencrypted drive status in several ways.

Here is one:

  1. In the Actionboard, click Devices.

    Devices panel

  2. Click the View link.

  3. Click through individual devices to find Unencrypted Endpoint Drive detection. For example:

    Unencrypted drive detection

Filter on unencrypted endpoint drives

You can filter the devices in a workspace that are unencrypted.

Use this method to show all the devices in a workspace that have unencrypted drives.

  1. In the Actionboard, click Devices.

  2. From the filters along the top of the screen, select Vulnerability > Unencrypted Endpoint Drive.

    Only those devices with unencrypted drives are displayed.

    Unencrypted endpoint drive filter