It is to be examined whether Drivelock can be used to equip USB data carriers (which are to be procured internally via SAP - e.g. Kingston Data Traveler) with 2-factor authentication (2-FA). Or if other USB data carriers (sticks) are available on the market that fulfill a 2FA requirement.

We would like to give different users on our InTune managed notebooks access to certain devices based on Azure-AD groups and not to other users.

Integrate the full Unicode/UTF-8 character set for the BitLocker PBA.
Currently the € character is not accepted.
Example: the users log in to the PBA with their Windows data (login name and Windows password). The Windows password contains the special character €. This € symbol is currently not supported, displayed, accepted in the PBA, so this user cannot authenticate in the PBA.

In DriveLock Operation Center you should be able to create a view or widget that maps the DCC help desk function "ConfigID [Computer]" and displays the assigned policy names.
Such a view or widget could be used to filter out and display the devices that do not yet have all the necessary policies.

For a campaign via link to the Internet, it should be possible not only to open the link via the DriveLock window, but also via the standard browser. Possibly as an additional setting in the campaign or with a button "Open page in browser" on the campaign window. (or similar solution)
Unfortunately, the standard window does not display the entire content of a web page.

Status NOT COMPLIANT overwrites Status OK in DCC this is not good because a NOT Compliant Drivelock Agent is stil OK. There should be a separate sub status displayed, many customers turn off the compliant feature so it doesn't happen

In the policy when configuring the DriveLock PBA for Full Disk Encryption and BitLocker Management, it should be possible to define the domain so that it does not have to be done by the user at the first login. Optimal would be to be able to determine whether this can be changed or not.

It would be good to see if a client performs an update installation after the release or gives a status that something is happening.
Often we have the problem that users unintentionally turn off the devices during the drivelock installation, because they don't know that one is running. A popup or something like that would be nice.

Add an option to block connecting to the Internet by using usb tethering on your smartphone (android and apple).

Usb tethering creates a Remote NDIS based Internet Sharing Device.

With the new version 2020 we lost the ability in DriveLock Management console to have an overview on all defined CSP policies. This function was present in older version and is greatly missed by admins who controll multitenant environment.

Maybe a setting in the database can restore the view?

In the DCC, regular reports can be generated and distributed to specific recipients per May.
We need to generate reports on a daily basis, which is why a "previous day" report period would be desirable. Currently, the smallest selectable report period is "previous week", which results in each event having six duplicates in reports.

It should be possible to see the offered context via a kind of viewer before setting up a campaign.
This could be a PLAY button in the DOC for security awareness, or similar.

The DL Agent uninstallation should be complete.
Deleting all dl registry entries and directories would be nice.

It should be possible that when you create new campaigns, that I create, for example, several user login campaigns and every day / every week a different campaign is displayed, without the need to intervene. A kind of predefined schedule.
So that I can set granular, Monday campaign 1, Wednesday 2, Friday 3 always at user login.
Or even campaign 1 in week X on day Y, campaign 2 in week Z on day A,..........
And of course also for event triggered and for rule based.

As described in KBA00248, no "pass-through" of encrypted containers to USB sticks (Encryption 2-Go) larger than 4GB is possible in the Citrix world.
It would be nice to extend or even remove this limitation.