Microsoft BitLocker Reviews

• Integration with System Center Configuration Manager (C: and D: logical drives are encrypted before installing Windows via SCCM).
• Use of the computer's TMP to not have to request PIN for the user.
• In Windows 10 (1511) the TPM supports the XTS-AES encryption algorithm.

Before BitLocker we used the DELL disk protection through the BIOS. This protection is not very efficient and the user needs a PIN to unlock the computer. With BitLocker I guarantee the protection of the disk and the configuration is transparent to the user.

The implementation of BitLocker is not simple. There are many prerequisites and hours of study and testing. We have had some communication problems between Windows 10 and TMP and, in some cases, the computer does not work and we need to generate a new key in MBAM.

We tested the solution for four months on all computer models we have before placing it in the production environment.

Yes. We had communication problems between the OS and TPM 1.2 of the computer. It is best to use computers with TPM 2.0.

No. We have 1200 computers and the environment, with one MBAM server and one SQL, is supporting the environment. I do not know how scalability is using Active Directory to store the encryption keys.

There is a lot of documentation in English and Brazilian Portuguese. To date, we have not needed Microsoft technical support.

No. Symantec, Dell and McAfee solutions for disk encryption are expensive and some of them use BitLocker behind the solution, but are very expensive.

The initial setup is simple. You have the task of turning on the TPM of all computers before attempting to use the BitLocker. When using MBAM + SCCM + SQL it is important to have a CA root in your environment to issue the digital certificate to the MBAM.

BitLocker is already in Windows 10 and its price has already been "paid". To use another disk encryption solution you have to analyze well the needs of each company and how much data is critical to the business.

I evaluated solutions from DELL, Symantec and McAfee. Among all, Symantec has a good solution, but very expensive.

We are using BitLocker for Windows 10 (which depends on TPM 1.2 or greater) being managed by MBAM 2.5 with SQL Server database to store the encryption keys. BitLocker is configured to use Active Directory or SQL to store the encryption keys. When using AD, the keys are stored in an unprotected directory. When using SQL, the stored keys are stored in an encrypted database.

I recommend that you study many hours before you start testing. Take the MBAM test at Microsoft's website.

Study TPM 1.2 and 2.0.

Use SQL to store the encryption keys and not the Active Directory, so you leave the AD free of high processing and add a layer of protection with the encryption of the database.

It is important to test on ALL models of computers, there is always a model that will not work.

We use BitLocker to secure external disks according to security policy. Every external disk, regardless of size, is encrypted with BitLocker for everyday use. The password is securely stored in a designated location. Additionally, client PCs are also equipped with BitLocker for basic security measures.

BitLocker serves as a layer of security for any external drives users use, ensuring that any data stored on them, whether for local backups or important files, remains protected. 

We opt for a data loss prevention solution. I evaluate different vendors, including Microsoft BitLocker, as part of this process. Each step of the implementation is carefully planned, as every aspect of data protection is crucial.

BitLocker could have a more user-friendly interface at a lower price. There are no regular updates for it. If they introduce new features, the new version might offer improvements or enhancements in the future.

I have been using Microsoft BitLocker for two years.

The product is stable, with no significant impact. Its primary function is to enhance security, and its reliability depends on the company's implementation. It protects at a basic level.

The solution's scalability is limited as it is designed for individual devices on-premises. Each local device requires its password, with no centralized management or options for scalability across multiple devices.

If you lose the passwords, then you need Microsoft support. You have multiple recovery options like printed, saved password, and rolled hash key.

The initial setup is very easy. If you want to use BitLocker on the system, different steps are involved. If you only want to encrypt external drives, it's easier, especially if the external disk is blank.

BitLocker provides benefits such as security and protection for data at a basic level. BitLocker can be a satisfactory solution with sufficient security. BitLocker meets our needs adequately.

No separate license is required for BitLocker. It is included in Windows operating system editions.

Bitlocker is easy to use. You can find a lot of information on how to use it on many informational sites, but the process is straightforward: follow the "next, next, finish" steps. It takes time, depending on whether you're encrypting an external disk or a disk with existing data. If the disk is empty, the process is speedy.

Overall, I rate the solution a ten out of ten.

BitLocker is a feature of which enables hard drive encryption. It's similar to Symantec Endpoint Encryption. For us, both go hand-in-hand, however, BitLocker has an advantage in that it stores the key in TPM. 

The hard drive encryption is very good.

Right now, the problem for us is, if a laptop is stolen, how they address it with the hard drive if it is already protected in BitLocker? We cannot protect anything until we have a centralized server feed where w can get all the information from all the laptop and the device if it does get stolen. Currently, to solve this, we are using a solution called Unbound.

I'm a hardcore developer. I don't know whether the solution has any source files. That said, I don't see anything that's really lacking, feature-wise. 

It's possible that the time it takes to pull items in to BitLocker could be reduced a bit. It can take a long time - sometimes up to 90 minutes.

I've been using the solution since I started working for my current company. I haven't been with them for so long and therefore haven't been working with the solution for too long just yet.

We have about 80,000 laptops and an encryption rate of approximately 99%. The stability seems to be pretty good.

I haven't attempted to scale the solution. I wouldn't be able to properly discuss how scalable it is at this time.

Currently, we have the solution on approximately 80,000 laptops.

I'm not sure if we will increase usage. I'm actually considering changing the solution in the near future.

I haven't really had any contact with technical support. Since I've never used them, I can't really discuss if they are responsive or knowledgable. Right now, my sole purpose is to look for an alternative to Unbound, and therefore I don't work too much with BitLocker troubleshooting.

I didn't handle the initial setup. It would be impossible for me to discuss the process or to talk about if it is difficult or straightforward. I didn't handle any aspect of the implementation.

I'm not really involved in the pricing aspect of the solution. I don't know if it is expensive or reasonably priced.

I essentially joined the company and since I got here all the laptops and endpoints have been encrypted using BitLocker. We are using IBM as management for all the data and to stop Microsoft from taking away Unbound support.

We are looking for an alternative. We're curious about Symantec or endpoint encryptions that I can use with BitLocker, on top of the Symantec client that I have. 

We're using the latest version of the solution, from what I understand. We load the solution directly onto laptops.

I would recommend the solution. However, if I find another endpoint solution, I may switch. I'm not tied to this product.

I don't have a lot of experience on the solution just yet. I'm still evaluating it in a lot of ways, and discovering the features.

I'd rate the solution seven out of ten.

We use Microsoft BitLocker to encrypt the data.

Before logging into the system, we enable Microsoft BitLocker so that the data will be automatically encrypted.

The best feature of Microsoft BitLocker is how it encrypts the data. The solution has a feature that automatically asks the users to upgrade their password once we set up the process. Microsoft BitLocker will not allow users to have the same password for the next five to six times.

The solution’s user interface could be improved.

I have been using Microsoft BitLocker for six to seven years.

Microsoft BitLocker is a stable solution.

Microsoft BitLocker is a scalable solution. More than 5,00,000 users are using the solution.

The solution’s initial setup is straightforward for an end user.

Microsoft BitLocker is a cloud-based solution. I would recommend Microsoft BitLocker to other users. The solution's performance lags a little. Your process will get a bit slow whenever you start encrypting the data.

I rate the solution a five out of ten for ease of use and effectiveness.

Overall, I rate Microsoft BitLocker an eight out of ten.

We use the solution for encryption.

Microsoft BitLocker is a Microsoft native product that provides good encryption.

The solution should have a better user interface and dashboard.

I have been using Microsoft BitLocker for four to five years.

I rate the solution’s stability an eight out of ten.

Around 80,000 users use the solution in our organization.

I rate the solution’s scalability ten out of ten.

The solution's technical support team asks for a lot of logs.

Neutral

The solution's competitor is Trellix. Trellix is a bit better than Microsoft BitLocker because it has a very good reporting feature.

The solution's initial setup is complex.

I deployed the solution by myself in a couple of days.

On a scale from one to ten, where one is expensive and ten is cheap, I rate the solution's pricing an eight out of ten.

The solution's recovery option works fine to support our data security strategy. We integrate the Azure OpenAI tool with Microsoft BitLocker. I would recommend the solution to other users.

Overall, I rate the solution a seven out of ten.

The primary use case of this solution is to encrypt all of our laptops. If they are ever lost then they are useless to anybody, unless they have the key. 

Our keys are stored in our Active Directory, making it impossible for anyone to decrypt what we have in our devices.

The most valuable feature is the simplicity and integration with the Microsoft Clouds platform. I can store the keys to the devices kept in my Active Directory in Microsoft Azure.

In the next generation, it could have a higher level of encryption.

I would like to be able to encrypt our cloud tenancy.

I would like to have the ability to encrypt a cloud-based server with BitLocker.

I have been using this solution for six months.

The stability is fine. It has no impact on performance or negligible impact on performance. No one notices.

The scalability is essentially unlimited.

We have 60 users who are everyone from the CEO to the standard line worker.

Everyone in our organization is encrypted with BitLocker, in addition to all of our devices. 

All of our laptops, PCs, and all of our interactive devices are encrypted with BitLocker.

I have contacted Microsoft technical support for other issues and they are very responsive and very quick to follow up. 

Solutions are not always there, but I find Microsoft support reasonable.

I haven't needed technical support for BitLocker.

There was no other solution in place. We deployed BitLocker because it fits within our strategy for the environment that we were building, which is a no-infrastructure infrastructure.

The initial setup was very simple.

We expected that the devices had to encrypt themselves once we initiated BitLocker.

Deploying them and having the encryption run only took a few days to implement. This was all being done in the background and no one was impacted while they worked.

We only need one staff member for deployment and no one for maintenance, as it is auto-updating from the Microsoft Cloud.

We implemented this solution internally. 

The cost of this solution is bundled in with part of the subscription for the Microsoft Cloud. 

We have users subscribed to Enterprise E5 and it comes with E5.

We researched a few websites for comparative encryption, but we didn't want to introduce another vendor. BitLocker satisfied all of the criteria that we had. We don't need any military-grade or any military level or anything beyond those capabilities.

We have no infrastructure. Everything we have, our entire infrastructure, has moved and it's in the Microsoft Azure cloud.

This solution does everything that we need it to do. It is very convenient and it fits into our strategy of having everything in a homogeneous Microsoft Cloud. 

It is difficult to rate anything a ten as there may be future bugs or features that may be introduced, or if someone can discover how to hack it. At this time, we feel very safe and very covered with the encryption levels that we have with BitLocker.

I would rate this solution an eight out of ten.

I am a solution provider in Congo and I propose products such as Microsoft BitLocker to my customers.

My clients use this solution to protect their data in cases where computers are stolen. In this region, theft of computers from companies is quite common and the data that is stored needs to be protected.

The most valuable feature is the TPM (Trusted Platform Module), which makes the PC security stronger because somebody who is not from the team cannot access the PC without the decryption PIN. If the hard drive is removed from the computer then the data is still encrypted, and even a USB key can be protected by using this solution. This makes my customers very happy.

This solution is not cost-effective and it is easy to implement.

It is very easy to deploy BitLocker on machines that are running Microsoft Windows Server 2012 because it can be done automatically.

It takes a very long time to encrypt a disk, so I think that speed is something that can be improved. It can take more than two hours to encrypt a disk with one terabyte of data. When my clients are working, they don't really like having to look at a progress bar to tell them that the disk is in the process of being encrypted. If the encryption was faster then it would make the experience more pleasant.

I would like to be able to secure the hard drives of virtual machines.

Securing data transfer such as email and the more general internet connection would be very good.

They should improve the hybrid-cloud security and protect the network instead of just securing the computers.

I have been working with Microsoft BitLocker for less than a year.

I have not heard any feedback from my clients with respect to stability.

This solution scales easily. The server is centralized and every computer that joins the domain is automatically inserted. Each one is automatically configured and synchronized.

My customers are generally small companies with less than one thousand employees, so it would not be very easy to test scalability beyond that.

I have not been in contact with technical support. Rather, I use the forum to get information. They have great documentation, as well.

My client was not using another solution prior to this one. I proposed three different products, but they chose BitLocker because it is free. IT is not well understood by the clients in my country, so we need to offer services and they have to be at a low cost. They most often prefer to use solutions that are free, or included with Microsoft Windows.

It is very easy to set up and deploy Microsoft BitLocker.

You have to set up the central server, and the configuration may take a day or two. After this, all of you have to do is go to every employee and then launch it, after they choose a personal PIN.

I had some technical issues with one of my deployments, but everything was working properly by the end of the first day. My issues arose because not all of the PCs had an updated version of Windows 10, so it took me some time to work out how to do the upgrades properly. It is important because TPM 2.0 is not supported in Legacy. 

That was the very odd part of the solution, and what we needed to do was to make sure that all of the PCs had the same type of Windows license. Once this was done properly, most of the PCs could be encrypted at the same time. It still required going to every PC though, because each needs to be given a PIN and configured. This was a disruption to some of the employees and it would be better if IT had total control, being able to do this from a central server and then simply notifying each user of their PIN. If there were one thousand employees then this would take a really long time.

We perform the deployment of Microsoft BitLocker for our customers. Because each PC has to be checked after the server is running, it is easier to have more than one person to do this. I normally take one or two of my colleagues to assist me with this.

This solution is included with Microsoft Server and my clients did not have to pay for anything extra.

I am somewhat familiar with other solutions such as those by McAfee, Digital Guardian, and Trend Micro Endpoint Encryption. However, I do not know these products as well as Microsoft BitLocker.

Once I obtain certification on some of these other solutions, I will propose them to my clients as well. Digital Guardian is something that I have been reading about lately, and it looks very good.

The encryption solution was not something that I was really informed about, but I decided to study it and then propose it to my customers.

I propose two different deployment models; the cloud and on-premises. The internet connection fees here are expensive, so many people prefer to deploy on-site.

My advice for anybody who is implementing this solution is to have a good idea of what they want to do, prepare for it, and go for it. It is not really complex, yet it is a very rich solution to deploy.

The biggest lesson that I have learned from using Microsoft BitLocker is that it can help a lot of people, but it is not very well known. People need to be familiarized with this solution through discussion. Engaging customers and proposing it to them will really help with the security of IT infrastructure in an enterprise. You can secure all of your data, the transfer of your data, and even USB keys.

This may not be the best solution, but it is easy to deploy and easy to grow.

I would rate this solution a seven out of ten.

We use Microsoft BitLocker to encrypt employee devices for data protection.

The platform provides good performance.

The deployment process regarding prerequisites and automation could be easy to understand. It could be more transparent. Documentation should be more accessible and simplified, particularly directed towards small organizations, making it understandable for smaller setups.

A centralized management console with a web interface or dashboard for an implementation overview could exist.

We have 20 Microsoft BitLocker users in our organization. I want to deploy it on as many systems as possible for clients or users.

I refer to the support's knowledge base to resolve any issues.

The initial setup must be easy, but I couldn't understand the process. Some devices can automatically activate it. However, the documentation makes it seem like a complicated project to deploy. I would like to understand clearly how it works.

We work with an external IT service provider for the deployment.

The product's cost is included in Windows.

I recommend Microsoft BitLocker. It protects our endpoints and company data and helps secure the infrastructure. In case of suspicious activity, our data remains inaccessible.

However, they should also explore other easier options for IT professionals to understand. I rate the platform a six out of ten.