Users can decrypt a disk using the operating system (the Turn Off BitLocker function). After that, Kaspersky Endpoint Security will prompt the user to encrypt the disk again. Kaspersky Endpoint Security will be prompting to encrypt the disk unless you enable disk decryption in the policy.
Open the Kaspersky Security Center Administration Console.
In the Managed devices folder in the Administration Console tree, open the folder with the name of the administration group to which the relevant client computers belong.
In the workspace, select the Policies tab.
Select the necessary policy and double-click to open the policy properties.
In the policy window, select Data Encryption → Full Disk Encryption.
In the Encryption technology drop-down list, select BitLocker Drive Encryption.
In the Encryption mode drop-down list, select Decrypt all hard drives.
In the main window of the Web Console, select Devices → Policies & Profiles.
Click the name of the Kaspersky Endpoint Security policy.
The policy properties window opens.
Select the Application settings tab.
Go to Data Encryption → Full Disk Encryption.
Select the BitLocker Drive Encryption technology and follow the link to configure the settings.
The encryption settings open.
In the Encryption mode drop-down list, select Decrypt all hard drives.
Save your changes.
You can use the Encryption Monitor tool to control the disk encryption or decryption process on a user's computer. You can run the Encryption Monitor tool from the main application window.