Decrypt a single device

You can decrypt and remove Disk Encryption Manager from a single device. Note that when you decrypt a device, you remove all encryption from all drives. If you need to re-enable encryption, you need to run the encryption process again.

To decrypt on many devices, see Decrypt multiple devices.

  1. Click ViewAll Devices and click the name of the device.
  2. Click SettingsSecurity Manager.
  3. Click to clear the check box for Enable Disk Encryption.
  4. You have the option to Leave the device encrypted or Decrypt all volumes.
  5. Bitlocker is natively part of the device system. If you chose to remove the Disk Encryption Manager from a device and leave the disk encrypted, you will lose the management capabilities. Ensure you collect all recovery keys before choosing this option. You should ALWAYS obtain the recovery key. SolarWinds MSP does not store or backup recovery keys. If something goes wrong with the decryption, and you removed the device from SolarWinds N-central, there is no way to recall the recovery keys or unlock the drive. SolarWinds N-central stores deleted device recovery keys for 90 days.

  6. Select whether to run the decryption right away or during a maintenance window when the device is not in use.
  7. Click Save.

BitLocker begins the decryption process on the disk drives of the device. The user will see a message indicating that the decryption process has started.