Windows 11 Adds a BitLocker Exclusion Policy for USB Drives

Microsoft has released a new Windows 11 build with a long list of changes, improvements, and fixes for known issues, available for all Windows Insiders that will install the Windows 11 Insider Preview Build 22579 pushed to the Dev Channel.

The build’s highlight, however, is a new policy for Windows admins who want to exclude USB removable drives from BitLocker encryption.

“This will solve the problem of automatic or accidental encryption of storage built into specialized devices like video cameras, voice recorders, conferencing systems, medical devices, and many more,” the Windows Insider team said.

“When this policy is enabled, you will not be able to encrypt storage that is on the exclusion list, and you will not be prompted for encryption if you connect such storage to a device while ‘Deny write access to removable drives not protected by BitLocker’ policy is enabled on it.”

Also Read: PDPA Compliance for the Telecommunication Sector

Right now, the new policy can only be configured by IT administrators via mobile device management (MDM) and Windows client custom profiles using OMA-URI (Open Mobile Alliance Uniform Resource Identifier) settings.

The detailed procedure admins have to go through to exclude storage from encryption requires them to gather the Hardware IDs of the devices they want to exclude and to configure the BitLocker Exclusion list Policy in Intune using the steps detailed in today’s announcement.

Microsoft asked Windows Insiders who will give the new policy a spin to file any feedback they have using the Feedback Hub (WIN + F) under Security and Privacy > BitLocker and Device Encryption.

Start menu and Get Started app changes

The new build also comes with an assortment of changes and improvements for the Start menu and the Started app, including the ability to name folders of apps in Start and site suggestions in the Get Started app that can be pinned to the taskbar.

“To find this new feature, launch the Get Started app and navigate to the ‘Apps and sites we think you’ll love’ page,” the Windows Insider team added.

Also Read: Domain spoofing: What is it and how to protect your business from it

“Click on any of the sites suggested on the page to pin it to your taskbar so you can access the sites you care about in one-click.”

Additionally, Microsoft added support for CD playback updates starting with Media Player Version 11.2202.42.0 and continuity for Office documents via deeper integration with Office for the Your Phone app.

Redmond also released new ISOs to allow Insiders to perform clean installs of the current build, ISos that can be downloaded from here.