You can set up BitLocker policies to automatically encrypt drives on devices that have BitLocker available.
BitLocker policies encrypt all drives on TPM devices they are applied to.
A default policy has been set up for you. For more information, see Understanding the Default BitLocker Policy, below.
You can also create your own BitLocker policy and define settings such as auto-application rules. For more information, see Creating BitLocker Policies.
Using BitLocker Without a Policy
For information on working with BitLocker without using policies, see Encrypting and Decrypting Drives with BitLocker.
What Happens When a BitLocker Policy is Removed
Drives that are encrypted through a BitLocker policy are not decrypted when the policy is removed. You must decrypt those drives manually.
See Decrypting Drives that Use a BitLocker Policy in Encrypting and Decrypting Drives with BitLocker .
Understanding the Default BitLocker Policy
A default BitLocker policy, called Default BitLocker Policy , has been created for you.
This policy encrypts every eligible drive on devices it is applied to, including workstations and servers.
You can’t change the default policy’s name or description, and you can’t delete the default policy.
The default policy is not added to a service by default. To enable it, you must add it to a service.