Find Devices With Bit Locker Not Enabled
Query
// This query identifies devices where BitLocker is not enabled on the C: drive.
EncryptableVolume
| where WindowsDriveLetter == "C:" and ProtectionStatus != "PROTECTED"
| project Device, WindowsDriveLetter, ProtectionStatus, EncryptionMethod, EncryptionPercentageExplanation
This query is designed to find devices where BitLocker encryption is not turned on for the C: drive. It looks at a table called EncryptableVolume and filters for entries where the drive letter is "C:" and the protection status is not "PROTECTED." The query then displays the device name, drive letter, protection status, encryption method, and the percentage of the drive that is encrypted.
Details

Ugur Koc
Released: February 28, 2025
Tables
EncryptableVolume
Keywords
EncryptableVolumeDevicesBitLockerDriveProtectionStatusEncryptionMethodEncryptionPercentage
Operators
EncryptableVolume|where==and!=project