Besides your current GPO settings:
Navigate to:
Computer Configuration > Policies > Administrative Templates > Windows Components > BitLocker Drive Encryption > Removable Data Drives.
Find the policy "Choose how BitLocker-protected removable drives can be recovered".
Enable the policy and check the options "Save BitLocker recovery information to Active Directory Domain Services" and "Do not enable BitLocker until recovery information is stored to AD DS for removable data drives".
Update Group Policy settings with gpupdate /force.
About your concern:
allow only Apricorn hardware encrypted drives and disallowing all others
Unfortunately, we can't achieve it using only Windows built-in configurations or features. I once used Symantec to allow a specific USB device and block all other USB devices; it can recognize USB devices by their hardware ID.
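To check on a client that the recovery policy from the steps above has actually applied after gpupdate /force, the script below reads the values the policy writes to the registry. It is an added example, not part of the original answer; the key path and value names are assumed from the standard BitLocker policy template and should be confirmed in your environment.

```powershell
# Added example: verify the removable-drive recovery policy on this computer.
# Assumption: the GPO writes these values under HKLM\SOFTWARE\Policies\Microsoft\FVE.
$fveKey = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'

# Value name -> data expected when the option is ticked in the GPO.
$expected = [ordered]@{
    'RDVRecovery'                     = 1  # policy itself is enabled
    'RDVActiveDirectoryBackup'        = 1  # save recovery information to AD DS
    'RDVRequireActiveDirectoryBackup' = 1  # no BitLocker until AD DS backup succeeds
}

function Get-RdvRecoveryPolicyState {
    param(
        [string]$Path = $fveKey,
        [System.Collections.IDictionary]$Want = $expected
    )
    # A missing key means no BitLocker policy has reached this machine at all.
    $props = if (Test-Path -LiteralPath $Path) {
        Get-ItemProperty -LiteralPath $Path
    } else { $null }

    foreach ($name in $Want.Keys) {
        $actual = if ($null -ne $props) { $props.$name } else { $null }
        [pscustomobject]@{
            Setting   = $name
            Expected  = $Want[$name]
            Actual    = if ($null -eq $actual) { 'not set' } else { $actual }
            Compliant = ($null -ne $actual) -and ($actual -eq $Want[$name])
        }
    }
}

$state = @(Get-RdvRecoveryPolicyState)
$state | Format-Table -AutoSize

if ($state.Compliant -contains $false) {
    Write-Warning 'Recovery policy is not fully applied. Check which GPOs reached this computer:'
    gpresult /r /scope computer
} else {
    Write-Output 'Removable-drive recovery information will be backed up to AD DS before BitLocker is enabled.'
}
```

Run it from an elevated PowerShell prompt on the client, since gpresult needs administrative rights to report computer-scope policy.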