Protecting Company Data -- Are You Doing It?

Information protection starts with protecting the data when the device is lost or stolen. Bitlocker is Microsoft’s solution for this scenario and it offers enterprise-grade full disk encryption. BitLocker also includes a feature called "Bitlocker to Go" which can protect your data when it’s placed on removable storage drives such as USB thumb drives. 

If your last look at BitLocker was with your Windows 7 deployment, Bitlocker has been dramatically enhanced since then. Competitively there were two key features struggled with. The first was related to management and that challenge was addressed in 2011 with the release of Microsoft BitLocker Administration and Monitoring (MBAM) 1.0 which ships with the Microsoft Desktop Optimization Pack (MDOP). Since 2011 Microsoft has rev’d MBAM three times bring it to a robust and mature state. Its already caused a huge surge of BitLocker adoption in all sectors including health care, financial, field services and even law enforcement.

The second compete challenge faced was with the Single Sign On (SSO) capabilities that Microsoft’s competition had from in solutions. Their implementations enabled you to unlock the drive and sign-in right in Windows with just a password, while BitLocker required a PIN to unlock the drive and then the user’s password to actually sign-in.  The advantage in experience came at a significant cost though, as the SSO implementations that the competition used have resulted in well documented deployment, performance, and reliability issues. BitLocker in Windows 7 doesn’t share those types of issues but of course that came at the cost of SSO.

The SSO solution Microsoft had in mind would take a little longer to deliver, but in the end has a superior offering. With Windows 10, the need for a PIN has been eliminated for a quickly growing number device types and provides a SSO experience that maintains the performance, reliability, deployment benefits that have made Bitlocker great. Maybe more importantly, the solution will meet your security expectations. And for the security geeks, that means “Yes, BitLocker can protect you from the cold boot attacks that created this whole SSO discussion in the first place”.

Compliance wise you are covered. BitLocker has a long tradition of Common Criteria and FIPS 140-2 certification and Microsoft continues to pursue these for Windows 10 such that organizations can adhere to regulations such as HIPPA, PCI DSS and more. 

The net-net is BitLocker is one of the best options, if not the best option, in the marketplace.

No Comments

Blog Archive