diff --git a/Group Policies/Computer Configuration/Windows Components/Bitlocker Drive Encryption.md b/Group Policies/Computer Configuration/Windows Components/Bitlocker Drive Encryption.md
index bc4aeb3..4b70d3b 100644
--- a/Group Policies/Computer Configuration/Windows Components/Bitlocker Drive Encryption.md	
+++ b/Group Policies/Computer Configuration/Windows Components/Bitlocker Drive Encryption.md	
@@ -4,7 +4,9 @@
 
 Choose drive encryption method and cipher strength (Windows 10 [Version 1511] and later) -> Enable -> XTS-AES 256-bit for operating system, fixed data, and removable drives.
 
+**The disable new DMA devices when computer is locked should only be enabled if your computer does not support kernel DMA protection.**
+
 ## Operating System Drives
 
 - Require additional authentication at startup -> Enabled -> Do not allow TPM, Allow startup PIN with TPM, Do not allow startup key with TPM, Allow startup key and PIN with TPM. (**This is especially important as we do not want the TPM to automatically release the encryption key at boot.**)
-- Allow enhanced PINs for startup -> Enabled.
+- Allow enhanced PINs for startup -> Enabled.
\ No newline at end of file