Microsoft Expands BitLocker Management Capabilities for the Enterprise
Enhanced Security and Control with BitLocker
The need for increased security, control and compliance across cloud products is an ever-growing requirement for enterprises. To meet these needs, Microsoft has recently expanded its BitLocker management capabilities to deliver enhanced security and control over data stored on devices. As a cloud architect, it’s important to understand what these new capabilities are and how they can help you protect your organization’s data.
What is BitLocker?
BitLocker is a full-disk encryption feature available on Windows 10 and Windows Server that helps protect your data by encrypting the entire drive of the device. BitLocker helps protect data by encrypting the entire drive of the device, ensuring that no unauthorized access can occur. It also helps protect against data theft or exposure from lost, stolen, or inappropriately decommissioned devices.
What are the New BitLocker Management Capabilities?
Microsoft has recently announced new BitLocker management capabilities to help enterprises better secure their data. The new capabilities include:
* Ability to deploy BitLocker on Windows 10 devices through Microsoft Intune and Windows Autopilot
* Ability to centrally manage BitLocker policies through Intune
* Ability to configure BitLocker recovery and encryption methods
* Ability to view BitLocker status on devices
* Ability to reset BitLocker PINs and recovery keys
These new capabilities allow organizations to deploy and centrally manage BitLocker across their devices. This helps ensure that devices are properly encrypted and that the data stored on them is secure.
Using PowerShell to Manage BitLocker
Organizations that want to take advantage of the new BitLocker management capabilities can do so using PowerShell. PowerShell provides a powerful scripting language that can be used to configure, deploy, and manage BitLocker across multiple devices.
For example, the following PowerShell script can be used to deploy BitLocker on Windows 10 devices through Intune and Windows Autopilot:
Set-BitLocker -AutoUnlock -On
Set-BitLocker -AutoUnlock -On -RecoveryMethod Key
Set-BitLocker -AutoUnlock -On -RecoveryMethod Key -KeyProtectorId “abc123”
Set-BitLocker -AutoUnlock -On -RecoveryMethod PIN
Set-BitLocker -AutoUnlock -On -RecoveryMethod PIN -PINProtectorId “abc123”
Set-BitLocker -AutoUnlock -On -RecoveryMethod Password
Set-BitLocker -AutoUnlock -On -RecoveryMethod Password -PasswordProtectorId “abc123”
Set-BitLocker -AutoUnlock -On -RecoveryMethod TPM
Organizations can also use PowerShell to configure BitLocker policies, view BitLocker status on devices, and reset BitLocker PINs and recovery keys.
The new Microsoft BitLocker management capabilities provide organizations with increased security, control and compliance over their data. Organizations can take advantage of these new capabilities by using PowerShell to configure, deploy, and manage BitLocker across multiple devices. As a cloud architect, it’s important to understand the value of these new capabilities and how they can help you protect your organization’s data.