What is our primary use case?
We've been using BitLocker to secure our user systems.
What is most valuable?
One significant aspect is that without the BitLocker key, you can't log in to the user's laptop. I appreciate the capability to encrypt the user's hard drive, ensuring access only with the recovery key. In an enterprise setup, we store all BitLocker keys on our server.
So, whenever a user attempts to log in, the architecture authenticates with the key. This ensures that our data is secure. Even if the user's laptop is lost, we have confidence that the data remains inaccessible. So far, our user data is well-protected.
What needs improvement?
For improvement, as it is now, I do not have any support from anyone. There should be a web interface to manage BitLocker. But for now, all I do is just install a new product on the user's machine and create it.
I would like to be able to see everything that is happening, even if it is just through a web interface. I would also like to be able to see how many users are provisioned, which users are using BitLocker, and how to disable or enable it. That's what I would like to see.
For how long have I used the solution?
I've been using this solution for over seven years.
We're utilizing BitLocker, albeit an older version, to secure our user systems.
What do I think about the stability of the solution?
I've used it for the last seven years, and it's been reasonably stable. As long as Active Directory is up and running, then BitLocker is also fine for us.
What do I think about the scalability of the solution?
It is very scalable. There are about 150 to 200 users using this in our company.
We plan to increase the further usage. The more mobile devices and laptops we buy, the more licenses we require for those users.
How was the initial setup?
With newer versions of Windows, the initial setup has become better. It was a challenge with Windows 8 because you needed to first put the TPM in a certain mode and things like that. Where Windows 10 or Windows 11, once we enable BitLocker, it could be straightforward. So, there's been a lot of improvements in that.
What about the implementation team?
We have the expertise in-house, so we do it ourselves. The deployment is straightforward. You just go to one of your Active Directory components and enable BitLocker.
Enabling it on the server to allow users to come back to it, install the TPM on the user system, and then create the team and share it with the user. That's all. So it's straightforward. One of the most common times to add a system is when it's locked out on a user's machine. It takes us about 10 minutes then.
We require around two admins and technicians for the deployment and maintenance of the solution.
What was our ROI?
I have seen a return on investment because it's ensured that even when laptops are stolen, the users' data is protected because it's encrypted.
What's my experience with pricing, setup cost, and licensing?
For the version that comes on the machine, you don't need a license. But you may need a license for support. We need to license users on the individual virtual system.
Although, the license should be part of the product.
What other advice do I have?
I would highly recommend it. Even personal users should enable it. I encourage them to print out a copy of their recovery key and keep it somewhere safe.
Overall, I would rate the solution an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.