Already a NinjaOne customer? Log in to view more guides and the latest updates.

BitLocker and FileVault Encryption Key Management

  • Last Updated January 27, 2026

Topic

This article explains how to monitor disk encryption on your devices from NinjaOne. 

Environment

  • NinjaOne Endpoint Management
  • Microsoft Windows
  • Apple macOS

Description

NinjaOne's BitLocker and FileVault encryption management allows you to monitor disk encryption on Windows and macOS devices (BitLocker for Windows, FileVault for macOS) directly from the NinjaOne console.

Index

  •  

Check the BitLocker Status

To review the status of BitLocker on your device, perform the following steps:

  1. Navigate to the device dashboard in NinjaOne. You can filter for specific device qualities in the Devices search grid. Refer to Find and Manage Endpoints from the Devices Search Page for more information. 
  2. Open the Details tab on the device dashboard.
  3. Select Disk Volume from the menu on the left.
device details_disk volume.png
Figure 1: Device dashboard → Details → Disk volume (click to enlarge)

The BitLocker Status will be listed for each volume.

Encryption needs to be fully complete on a device in order for BitLocker to show as "Enabled". Additionally, if a drive is locked, BitLocker will display as "Disabled" for that drive.
  1. If BitLocker is enabled, click the starred hyperlink next to Recovery Key to view the key. You will also have the option to copy the recovery key to your clipboard.
bitlocker_missing recovery key.png
Figure 2: Disk volume details → Missing recovery key (click to enlarge)
If you do not have a recovery password configured for a BitLocker encrypted volume, then NinjaOne will not be able to retrieve the recovery key.

Check the FileVault Status

To review the status of FileVault on your device, perform the following steps:

  1. Navigate to the device dashboard in NinjaOne. 
  2. Open the Details tab.
  3. Select Disk Volume from the menu on the left.
    The FileVault Status will be listed for each volume.

Enable Notifications for BitLocker or FileVault Status Changes

To receive notifications for status changes, perform the following steps:

  1. Navigate to the policy editor (AdministrationPolicies) for which you would like to enable BitLocker or FileVault activity notifications, and open the Activities tab.
  2. Depending on the policy editor opened (for Windows or for macOS), you must expand the applicable dropdown. 

policy_activities_filevault.png
Figure 3: NinjaOne → Mac policy configuration page → Activities → Mac FileVault activities

  1. Click the BitLocker or FileVault activity needing notifications enabled.
    The Activity configuration modal displays. 
  2. Use the dropdown tools to set up notification details and channels. For more information about activities, refer to NinjaOne Platform: Device and System Activity Notification Feed.

Additional Resources

You can utilize conditions to monitor BitLocker and FileVault status and report on this information.

For a list of frequently asked questions about BitLocker/FileVault management, please see BitLocker and FileVault Encryption Key Management: FAQ.

FAQ

Next Steps