I’ve been encrypting my Windows 11 devices using an Endpoint security disk encryption policy for a while now and haven’t had any issues. That’s until today.
Turns out there’s a known issue around this, which I haven’t encountered until now.
If the device in question doesn’t support Modern Standby, you will have to combine the ‘old’ Endpoint protection policies with the new Endpoint security policies. My findings down below.
If the device is HSTI-compliant but doesn’t support Modern Standby, an endpoint protection policy has to be configured to enforce silent BitLocker drive encryption