We just raised a $30M Series A: Read our story

Microsoft BitLocker OverviewUNIXBusinessApplication

Microsoft BitLocker is the #1 ranked solution in our list of top Endpoint Encryption tools. It is most often compared to McAfee Complete Data Protection: Microsoft BitLocker vs McAfee Complete Data Protection

What is Microsoft BitLocker?

BitLocker is Microsoft's full disk encryption solution, which protects all of your data from theft, hacking or loss. BitLocker does this by encrypting the entire drive that hosts your Windows operating system and all your data.

BitLocker is available for all devices, including portable storage devices (such as external hard drives and USB flash drives). These portable devices are supported by a feature called BitLocker To Go, which is included in Windows 7 and 8, and in Windows Server 2008 R2 and Windows Server 2012. In Windows XP, encrypted devices can be read, but not written to, using the BitLocker To Go Reader program.

Microsoft BitLocker is also known as BitLocker, MS BitLocker.

Microsoft BitLocker Buyer's Guide

Download the Microsoft BitLocker Buyer's Guide including reviews and more. Updated: September 2021

Microsoft BitLocker Customers
ACV, Proaxis Therapy, Choice Hotels International, adnymics GmbH, Intermedia, NMBS/SNCB
Microsoft BitLocker Video

Pricing Advice

What users are saying about Microsoft BitLocker pricing:
  • "I don't know the costs. In terms of Microsoft licensing, we are at E3 on the business, and we're in the process of pricing out and moving to E5. So, a lot of this is included within our licensing agreements."
  • "This solution is included with Microsoft Server and my clients did not have to pay for anything extra."
  • "It's not about pricing, because we are working with Enterprise companies that already have Windows Enterprise, so BitLocker comes already included as a Windows feature. It's free for Enterprise users. The price is only for deployment. The customer will pay for McAfee, however."
  • "It is free. It is enabled as part of the operating system. Once you have an operating system license, you're licensed for Bitlocker."
  • "The cost of this solution is bundled in with part of the subscription for the Microsoft Cloud. We have users subscribed to Enterprise E5 and it comes with E5"

Microsoft BitLocker Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
JS
Information Security Manager at a renewables & environment company with 501-1,000 employees
Real User
Brings us in compliance, works with our Microsoft tools, and is pretty simple to deploy

Pros and Cons

  • "I liked the way it works with our Microsoft tools. As we roll out Intune, we can validate if the device has been encrypted, and if not, we can push it down. It is pretty simple to deploy."
  • "The biggest one for us is revoking access. So, even though someone downloads something to a device, we want the ability to cloak that device or data and bring it back or make that data unusable for that person. Currently, BitLocker doesn't give us that ability. It basically encrypts it. We're seeing if identity management or IAM allows us to do that. We're kind of looking at third-party software that does that for us."

What is our primary use case?

We use it for encrypting data and storage for the most part. We keep it up to date in terms of the version.

How has it helped my organization?

It basically brings us in compliance. We are required to encrypt the handling of data, the transmission of the data, and storage of the data. So, when people are working with the data, and they download it to the laptops, we can safely say it is encrypted at that point to meet our requirements. It is pretty transparent to the end-user since the encryption is done without them really doing it.

Our need was to protect our portable devices. So, our thumb drives get automatically encrypted. Any attached storage gets automatically encrypted for our laptops in case they get lost or stolen when people travel.

What is most valuable?

I liked the way it works with our Microsoft tools. As we roll out Intune, we can validate if the device has been encrypted, and if not, we can push it down. It is pretty simple to deploy. 

What needs improvement?

Their interoperability with our tools, which are the Microsoft tool, can be improved. It needs to be geared towards more of the wraparound of the zero trust. There are solutions we're looking at that do encryption plus X, Y, and Z. So, we're looking at the ability to wrap around the product with other features.

The biggest one for us is revoking access. So, even though someone downloads something to a device, we want the ability to cloak that device or data and bring it back or make that data unusable for that person. Currently, BitLocker doesn't give us that ability. It basically encrypts it. We're seeing if identity management or IAM allows us to do that. We're kind of looking at third-party software that does that for us.

Usually, Microsoft sees what other third-party companies do and then either adopts it or buys the third-party company, and that's kind of what we're looking into. That's our need. It'd be a lot better if it was all under one mirror or one window, instead of having a couple of different vendors working on it. So, if Microsoft could solve that, it would be awesome. They should look at the third-party enhancements that people are doing, and then take the encryption a step further by adding those features to BitLocker. Microsoft has different components. They have identity management, but is it tied to encryption? BitLocker is mostly tied to devices, but it would be best for me if I get a piece of data and I am able to encrypt it all the way through using BitLocker. Currently, BitLocker is basically tied at the device level instead of the data level.

I would just like them to look at what other people are doing in terms of encryption as a whole and offer the encryption not only tied to the device, but also to the file level. They should add features on that in terms of access control and reporting. We should be able to see who has access to it and who has touched a file. So, we're going towards the zero trust model and the zero trust reporting. It is a "We don't trust anybody" type of deal. So, it is not just the device, it is the data. They should try to wrap it around the data at the file level and not at the device level.

For how long have I used the solution?

I have been using this solution for about three years.

What do I think about the stability of the solution?

So far, so good. We haven't had too many problems with managing the keys or anything else. Probably the only concern is that we manage it. Individuals are not doing it themselves. The other thing is as we take over companies or merge companies, or the other way around, we have to make sure that we get those keys to the kingdom per se. So, we always got to look out for that as well.

What do I think about the scalability of the solution?

So far, so good. Mostly, anything we deal with Microsoft is pretty scalable. Again, it is kind of tied to devices, but you can essentially manage it, which makes it simple.

In terms of its usage, we force it on everybody, so it is non-binding. No matter who you are in a company, if you have a managed device, it is going to be encrypted. It is a requirement, so it is being used extensively. Its usage will increase as the number of employees increase.

How are customer service and technical support?

I don't think we've had many issues with them. We push it through our SolarWinds product, so for most of the issues we've had, we probably had to deal with SolarWind's side to make sure that everything was pushed correctly. We didn't go to the Microsoft side. Our software vendor might have dealt with Microsoft directly but not us.

Which solution did I use previously and why did I switch?

The only solutions that we've had in place were standalone encrypted thumb drives. We had not rolled out BitLocker until then, so we had a need to encrypt thumb drives. We had bought Aegis thumb drives that came encrypted. After we got the encryption rolled out, when someone connected a thumb drive, it was automatically encrypted, or they couldn't store data on it. Once we went to that method, we didn't purchase any more Aegis encrypted thumb drives.

How was the initial setup?

We have it on-prem, and we have a couple of devices in the cloud, but we are a hybrid environment. Our main thing was to get it on our traveling laptops and protect them. We push it through another vendor, not Microsoft. We push it through another SolarWinds vendor, and then we push it down. The only thing that we've had problems with was that the encryption level wasn't as high as we needed it by default. So, we had to do some tweaking to get the correct encryption level that we wanted. It is all default. So, you have to be aware of how you deploy it. If you deploy it one way, it doesn't really fully encrypt the machine.

It took days only because it was a slow rollout. It was intentionally a slow rollout. It didn't take long to do it, but we just wanted to make sure it was done right and correctly.

What about the implementation team?

We just implemented it in-house. In terms of maintenance, it is a small staff. We rely on our software to help us with the patching and everything. We have reports that kickback to us. If for some reason, encryption was turned off or encryption wasn't deployed correctly, we'd get reports sent to us. So, a lot of stuff is automated in terms of monitoring the compliance to encryptions, and our response to that is pretty fast. We just manage it with our current staff. We don't have anybody directly tied to just doing that.

What's my experience with pricing, setup cost, and licensing?

I don't know the costs. In terms of Microsoft licensing, we are at E3 on the business, and we're in the process of pricing out and moving to E5. So, a lot of this is included within our licensing agreements.

What other advice do I have?

If you don't implement this, you have to implement something else. You have to have some type of encryption. In the past, people wanted a layered approach to security. They wanted to have different vendors, and they wanted it to be able to have that overlap of vendor support on security, but the reality is that everybody looks to Microsoft. If you look at the SolarWind attack, who do they go to help resolve it? They went straight to Microsoft. Therefore, we're getting away from that thought process of divide and conquer. We're just trying to align everything up with a single pane of glass so that we can build on our Microsoft tools. In the past, we would have resisted being tied to one security.

I can't rate it any lower than eight out of 10. The only reason why I don't rate it a 10 is that they can do more with it. It is good at what it does, but it needs to do more. It is never going to get a 10 from me because it is never going to be perfect, but there is more to do. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Jos-Katengwa
Information Technology Specialist at Calculus system
Real User
Top 20
A cost-effective solution to protect data from physical theft, but the encryption process is slow

Pros and Cons

  • "The most valuable feature is the TPM (Trusted Platform Module), which makes the PC security stronger because somebody who is not from the team cannot access the PC without the decryption PIN."
  • "If the encryption was faster then it would make the experience more pleasant."

What is our primary use case?

I am a solution provider in Congo and I propose products such as Microsoft BitLocker to my customers.

My clients use this solution to protect their data in cases where computers are stolen. In this region, theft of computers from companies is quite common and the data that is stored needs to be protected.

What is most valuable?

The most valuable feature is the TPM (Trusted Platform Module), which makes the PC security stronger because somebody who is not from the team cannot access the PC without the decryption PIN. If the hard drive is removed from the computer then the data is still encrypted, and even a USB key can be protected by using this solution. This makes my customers very happy.

This solution is not cost-effective and it is easy to implement.

It is very easy to deploy BitLocker on machines that are running Microsoft Windows Server 2012 because it can be done automatically.

What needs improvement?

It takes a very long time to encrypt a disk, so I think that speed is something that can be improved. It can take more than two hours to encrypt a disk with one terabyte of data. When my clients are working, they don't really like having to look at a progress bar to tell them that the disk is in the process of being encrypted. If the encryption was faster then it would make the experience more pleasant.

I would like to be able to secure the hard drives of virtual machines.

Securing data transfer such as email and the more general internet connection would be very good.

They should improve the hybrid-cloud security and protect the network instead of just securing the computers.

For how long have I used the solution?

I have been working with Microsoft BitLocker for less than a year.

What do I think about the stability of the solution?

I have not heard any feedback from my clients with respect to stability.

What do I think about the scalability of the solution?

This solution scales easily. The server is centralized and every computer that joins the domain is automatically inserted. Each one is automatically configured and synchronized.

My customers are generally small companies with less than one thousand employees, so it would not be very easy to test scalability beyond that.

How are customer service and technical support?

I have not been in contact with technical support. Rather, I use the forum to get information. They have great documentation, as well.

Which solution did I use previously and why did I switch?

My client was not using another solution prior to this one. I proposed three different products, but they chose BitLocker because it is free. IT is not well understood by the clients in my country, so we need to offer services and they have to be at a low cost. They most often prefer to use solutions that are free, or included with Microsoft Windows.

How was the initial setup?

It is very easy to set up and deploy Microsoft BitLocker.

You have to set up the central server, and the configuration may take a day or two. After this, all of you have to do is go to every employee and then launch it, after they choose a personal PIN.

I had some technical issues with one of my deployments, but everything was working properly by the end of the first day. My issues arose because not all of the PCs had an updated version of Windows 10, so it took me some time to work out how to do the upgrades properly. It is important because TPM 2.0 is not supported in Legacy. 

That was the very odd part of the solution, and what we needed to do was to make sure that all of the PCs had the same type of Windows license. Once this was done properly, most of the PCs could be encrypted at the same time. It still required going to every PC though, because each needs to be given a PIN and configured. This was a disruption to some of the employees and it would be better if IT had total control, being able to do this from a central server and then simply notifying each user of their PIN. If there were one thousand employees then this would take a really long time.

What about the implementation team?

We perform the deployment of Microsoft BitLocker for our customers. Because each PC has to be checked after the server is running, it is easier to have more than one person to do this. I normally take one or two of my colleagues to assist me with this.

What's my experience with pricing, setup cost, and licensing?

This solution is included with Microsoft Server and my clients did not have to pay for anything extra.

Which other solutions did I evaluate?

I am somewhat familiar with other solutions such as those by McAfee, Digital Guardian, and Trend Micro Endpoint Encryption. However, I do not know these products as well as Microsoft BitLocker.

Once I obtain certification on some of these other solutions, I will propose them to my clients as well. Digital Guardian is something that I have been reading about lately, and it looks very good.

What other advice do I have?

The encryption solution was not something that I was really informed about, but I decided to study it and then propose it to my customers.

I propose two different deployment models; the cloud and on-premises. The internet connection fees here are expensive, so many people prefer to deploy on-site.

My advice for anybody who is implementing this solution is to have a good idea of what they want to do, prepare for it, and go for it. It is not really complex, yet it is a very rich solution to deploy.

The biggest lesson that I have learned from using Microsoft BitLocker is that it can help a lot of people, but it is not very well known. People need to be familiarized with this solution through discussion. Engaging customers and proposing it to them will really help with the security of IT infrastructure in an enterprise. You can secure all of your data, the transfer of your data, and even USB keys.

This may not be the best solution, but it is easy to deploy and easy to grow.

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Learn what your peers think about Microsoft BitLocker. Get advice and tips from experienced pros sharing their opinions. Updated: September 2021.
540,694 professionals have used our research since 2012.
MohamedKhairy
Co-Founder & Enterprise Solutions Architect at Qtopia Tech. Solutions
Real User
Top 20
Easy to use and easy to recover someone's privacy

Pros and Cons

  • "It is easy to use. It is usually easy to recover someone's privacy. The manageability is much easier than McAfee. I think that Microsoft is a leader in this area. We are in the Microsoft school so our judgment of McAfee will be a little bit unfair as we recommend Microsoft all the time because of the easy manageability and support. I think that McAfee is designed for a different customer and every time we open a ticket with their support, it takes a very, very long time. The main difference is just the manageability and support. In terms of the solution itself or the functionality, I know that McAfee is very strong, but manageability and support, for us, is much more important. It's strengthens the solution for us."
  • "If integration with Active Directory are not mandatory for him, I think that there are many other solutions in the market that equal or are much stronger than Microsoft."

What is most valuable?

It is easy to use. It is usually easy to recover someone's privacy. The manageability is much easier than McAfee. I think that Microsoft is a leader in this area. We are in the Microsoft school so our judgment of McAfee will be a little bit unfair as we recommend Microsoft all the time because of the easy manageability and support. I think that McAfee is designed for a different customer and every time we open a ticket with their support, it takes a very, very long time. The main difference is just the manageability and support. In terms of the solution itself or the functionality, I know that McAfee is very strong, but manageability and support, for us, is much more important. It strengthens the solution for us.

For how long have I used the solution?

We've been using this solution for almost six years.

What do I think about the stability of the solution?

The solution is very stable. I think that it's easy to start.

What do I think about the scalability of the solution?

We tested with 300 users to date. The maximum deployment with it is for 300 users. That is not too much, but we are trying to scale it up. I don't think that we'll have a problem because it's the count for minimum deployment for Microsoft to support is already 5,000. I think that it can scale up to 5,000 without much hardware needed.

How was the initial setup?

It is usually based on the number of computers and how this will be leveraged by the user. A normal project takes from one to two months, depending on the numbers. These numbers are read on the different departments and different mindsets of the users, in order to convince them to start correcting their data and explain to them that you will force a policy that will have an impact on their laptops. Afterward, encourage them in how this is chiefly for them. Usually, it takes a month or two months maximum.

What's my experience with pricing, setup cost, and licensing?

It's not about pricing, because we are working with Enterprise companies that already have Windows Enterprise, so BitLocker comes already included as a Windows feature. It's free for Enterprise users. The price is only for deployment. The customer will pay for McAfee, however.

Which other solutions did I evaluate?

We are a partner for Microsoft here in Saudi Arabia, and one of our customers is interested in deploying Microsoft BitLocker to secure his computer devices and laptops, to encrypt all his data for hard disks, etc. I am already moving to read some documents and have some comparison between McAfee and BitLocker in order to convince the customer to install Microsoft BitLocker because from our insight we see that Microsoft BitLocker is much better than McAfee. That's why I was in need a document just to have a comparison between McAfee and Microsoft BitLocker.

From my point of view, Microsoft is much easier than McAfee. It is easy to deploy and integrate with Active Directory. Then, you have much more integration capabilities than McAfee. Microsoft is stronger and the integration between Microsoft ESP and all other Bit solutions is much better than McAfee. McAfee is a standalone solution right now that will not be efficient for the protection that we are aiming for. We need protection that integrates with all kinds of malware protection solutions. I think that Microsoft BitLocker is much better than McAfee.

What other advice do I have?

If anyone is looking for integration solutions and has a requirement related to integration between Active Directory and integration solutions, I think that he needs to strongly go to Microsoft BitLocker. If integration with Active Directory is not mandatory for him, I think that there are many other solutions in the market that equal or are much stronger than Microsoft.

I would give this solution an eight out of ten. In order to make it 9 or 10, I think that Microsoft would need to work on the desktop optimization deck that is coming with Microsoft to make the deployment much easier than what it is right now. Deployment is okay. As a partner, we can work on it without any issues, but some customers face issues deploying it by themselves because of the difficulty of understanding all of the requirements. The solution is very good and it is manageable for partners, because of their technical value or technical effort. For the level one customer help desk or administrator, however, it's not as easy. They should work on this part and make the deployment much easier.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
SW
Manager - ICT at a insurance company with 51-200 employees
Real User
Top 20
Free to use with Windows 10 and easy to set up but needs to be easier to manage

Pros and Cons

  • "It's my understanding that the initial setup is straightforward."
  • "At the end of it all, we are looking for something that can be easier to manage."

What is our primary use case?

We primarily use the solution for endpoint encryption.

What is most valuable?

We were using the solution due to the fact that it was free with the machines that have Windows 10. As an organization, we were not paying money to have it. If you have Windows 10 you don't have to worry about paying at all.

It's my understanding that the initial setup is straightforward.

What needs improvement?

I was looking for a better solution. It's my understanding that if you're just to generate that endpoint encryption and you just run it normally, it may not give you the actual protection you need as you don't have a centralized server.

At the end of it all, we are looking for something that can be easier to manage. Everything that you need to do manually can end up being an issue. If it's a product that can be automated, I would be happier with it. Right now, with the way it is arranged, it's a bit manual as it isn't centralized.

For how long have I used the solution?

I joined this company a year ago. I've used it just for a few months due to COVID, as we have not been using it. It's just been used for a few months; less than a year.

How are customer service and technical support?

I have not contacted technical support directly. I've mandated other team members to deal with them. On our side, the colleague who actually implemented the solution is also the point person who deals with technical issues.

He's reached out to Microsoft's technical support n the past. Last week, for example, he was engaged with them about some automation issues and about centralizing the solution.

However, due to the fact I haven't spoken with them, I can't speak to how helpful or responsive they are.

Which solution did I use previously and why did I switch?

At a previous company, I had used Symantec Endpoint Encryption.

How was the initial setup?

While I did not personally set up the solution myself, it's my understanding that the process is not overly complex. My colleague managed the process, and for them, it was quite straightforward. They didn't run into any issues. A company, in general, should be able to do it quite easily.

What's my experience with pricing, setup cost, and licensing?

The solution is completely free and available through Windows 10. We are not paying any licensing fees to use it.

What other advice do I have?

We are just a customer and an end-user. We don't have a business relationship with Microsoft.

We have not gone to a server model, like running it through a centralized location. This is due to the fact that we decided to deploy it normally through creating encryption keys and sharing those keys so that we are able to access the machine using the keys themselves.

It has not been fully loaded across the company as we are looking for solutions that can work for us as a main solution.

What I wanted us to do, whether it was via BitLocker or Symantec or whichever tool, was to have a centralized administration so that we are able to create those keys and are able to share them. We also want to be able to control them from a centralized location. That's the type of solution I'm looking for. I do not want things to be done manually. Centralized administration is very good for that.

Before I can recommend the solution, I would want to understand it fully. I'm working with my colleague to be able to understand what is its strengths and its weaknesses are. Most companies want simple tools that don't cost a lot of money. I haven't used this tool too much, and therefore can't properly evaluate it. We're currently hoping we can roll it out in a better way. That remains to be seen.

From what I have seen so far, I would rate the solution at a seven out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
JM
ICT operations and security manager
Real User
Top 20
Free, native to OS, and doesn't require any maintenance, but can have better user profiles to allow people to create their own passwords

Pros and Cons

  • "It is free and native to the OS. We don't have to worry about upgrades or maintaining the product. You encrypt the disk, and you save the recovery key. That's it. The person puts their password in, and after that, it is up to them. If they forget their password, they have to bring it in to get it unlocked."
  • "User profiles can be improved so that people can create their own passwords. It has one password per machine, which is a problem. We would prefer each user to have his or her own boot password. Each user can have a username and password or biometrics, such as fingerprints and iris scanner, integrated into the boot process, but I really can't see that coming anytime soon, if ever."

What is our primary use case?

We encrypt devices and disks that have the potential to be taken off-site, such as laptops, tablets, USB sticks, and USB disks. Basically, we encrypt any medium that has to be taken off-site. If we're giving out a USB stick to somebody, it is BitLocker encrypted. If somebody has to use a memory stick, the only way it gets out is if it is encrypted. 

We use the version that is native to an operating system.

What is most valuable?

It is free and native to the OS. We don't have to worry about upgrades or maintaining the product. You encrypt the disk, and you save the recovery key. That's it. The person puts their password in, and after that, it is up to them. If they forget their password, they have to bring it in to get it unlocked.

What needs improvement?

User profiles can be improved so that people can create their own passwords. It has one password per machine, which is a problem. We would prefer each user to have his or her own boot password. Each user can have a username and password or biometrics, such as fingerprints and iris scanner, integrated into the boot process, but I really can't see that coming anytime soon, if ever.

For how long have I used the solution?

I have been using this solution for six or seven years.

What do I think about the stability of the solution?

It is stable.

What do I think about the scalability of the solution?

It doesn't really need to scale. You use it as you need it and manage it with group policies. 

How are customer service and technical support?

There is no need for support.

Which solution did I use previously and why did I switch?

We've used a few different disk encryption products, and we've kind of settled on BitLocker because it is native to the operating system. It is simple, and there is no maintenance on it.

We also use Symantec at the moment, but we are retiring Symantec. We had trouble getting all the machines back into the office to change the disk encryption. We have a few left with Symantec. With Symantec, the version that we had was pretty old, and I wasn't sure if it would actually even work with some of the later builds of Windows 10. In terms of maintenance, with Symantec, every time there is a new build of Windows 10, you either have to defer the update while they update with Symantec, or you can install it and hope for the best. It is not a very satisfactory situation where you might have to wait six months before you can go up onto the latest build of Windows.

How was the initial setup?

It wasn't complex. It just took me a while to figure it out and make it do what I wanted it to do. Everything is documented, and you just follow the documentation.

It is deployed on all new computers, and it is part of the build. It doesn't take very long. It takes only 10 or 15 minutes. While the disk is encrypting, you can do other things.

What about the implementation team?

I deployed it on some of the computers. BitLocker is maintained as part of the operating system. If there are any updates to Bitlocker, they come out as operating system updates.

What's my experience with pricing, setup cost, and licensing?

It is free. It is enabled as part of the operating system. Once you have an operating system license, you're licensed for Bitlocker.

What other advice do I have?

I would recommend this solution. It is quick and neat, and it does the trick.

I would rate Microsoft BitLocker a seven out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Darrin Leboeuf
Director IM/IT at Sustainable Development Technology Canada
Real User
Top 5
Encryption that provides protection that is ideal for our cloud-based environment

Pros and Cons

  • "The most valuable feature is the simplicity and integration with the Microsoft Clouds platform."
  • "I would like to be able to encrypt our cloud tenancy."

What is our primary use case?

The primary use case of this solution is to encrypt all of our laptops. If they are ever lost then they are useless to anybody, unless they have the key. 

Our keys are stored in our Active Directory, making it impossible for anyone to decrypt what we have in our devices.

What is most valuable?

The most valuable feature is the simplicity and integration with the Microsoft Clouds platform. I can store the keys to the devices kept in my Active Directory in Microsoft Azure.

What needs improvement?

In the next generation, it could have a higher level of encryption.

I would like to be able to encrypt our cloud tenancy.

I would like to have the ability to encrypt a cloud-based server with BitLocker.

For how long have I used the solution?

I have been using this solution for six months.

What do I think about the stability of the solution?

The stability is fine. It has no impact on performance or negligible impact on performance. No one notices.

What do I think about the scalability of the solution?

The scalability is essentially unlimited.

We have 60 users who are everyone from the CEO to the standard line worker.

Everyone in our organization is encrypted with BitLocker, in addition to all of our devices. 

All of our laptops, PCs, and all of our interactive devices are encrypted with BitLocker.

How are customer service and technical support?

I have contacted Microsoft technical support for other issues and they are very responsive and very quick to follow up. 

Solutions are not always there, but I find Microsoft support reasonable.

I haven't needed technical support for BitLocker.

Which solution did I use previously and why did I switch?

There was no other solution in place. We deployed BitLocker because it fits within our strategy for the environment that we were building, which is a no-infrastructure infrastructure.

How was the initial setup?

The initial setup was very simple.

We expected that the devices had to encrypt themselves once we initiated BitLocker.

Deploying them and having the encryption run only took a few days to implement. This was all being done in the background and no one was impacted while they worked.

We only need one staff member for deployment and no one for maintenance, as it is auto-updating from the Microsoft Cloud.

What about the implementation team?

We implemented this solution internally. 

What's my experience with pricing, setup cost, and licensing?

The cost of this solution is bundled in with part of the subscription for the Microsoft Cloud. 

We have users subscribed to Enterprise E5 and it comes with E5.

Which other solutions did I evaluate?

We researched a few websites for comparative encryption, but we didn't want to introduce another vendor. BitLocker satisfied all of the criteria that we had. We don't need any military-grade or any military level or anything beyond those capabilities.

What other advice do I have?

We have no infrastructure. Everything we have, our entire infrastructure, has moved and it's in the Microsoft Azure cloud.

This solution does everything that we need it to do. It is very convenient and it fits into our strategy of having everything in a homogeneous Microsoft Cloud. 

It is difficult to rate anything a ten as there may be future bugs or features that may be introduced, or if someone can discover how to hack it. At this time, we feel very safe and very covered with the encryption levels that we have with BitLocker.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
AP
Director, Cryptographic Engineering at a financial services firm with 10,001+ employees
Real User
Top 20
Stable with good encryption but unsure if it protects the hard drive of stolen laptops

Pros and Cons

  • "The hard drive encryption is very good."
  • "It's possible that the time it takes to pull items in to BitLocker could be reduced a bit."

What is our primary use case?

BitLocker is a feature of which enables hard drive encryption. It's similar to Symantec Endpoint Encryption. For us, both go hand-in-hand, however, BitLocker has an advantage in that it stores the key in TPM. 

What is most valuable?

The hard drive encryption is very good.

What needs improvement?

Right now, the problem for us is, if a laptop is stolen, how they address it with the hard drive if it is already protected in BitLocker? We cannot protect anything until we have a centralized server feed where w can get all the information from all the laptop and the device if it does get stolen. Currently, to solve this, we are using a solution called Unbound.

I'm a hardcore developer. I don't know whether the solution has any source files. That said, I don't see anything that's really lacking, feature-wise. 

It's possible that the time it takes to pull items in to BitLocker could be reduced a bit. It can take a long time - sometimes up to 90 minutes.

For how long have I used the solution?

I've been using the solution since I started working for my current company. I haven't been with them for so long and therefore haven't been working with the solution for too long just yet.

What do I think about the stability of the solution?

We have about 80,000 laptops and an encryption rate of approximately 99%. The stability seems to be pretty good.

What do I think about the scalability of the solution?

I haven't attempted to scale the solution. I wouldn't be able to properly discuss how scalable it is at this time.

Currently, we have the solution on approximately 80,000 laptops.

I'm not sure if we will increase usage. I'm actually considering changing the solution in the near future.

How are customer service and technical support?

I haven't really had any contact with technical support. Since I've never used them, I can't really discuss if they are responsive or knowledgable. Right now, my sole purpose is to look for an alternative to Unbound, and therefore I don't work too much with BitLocker troubleshooting.

How was the initial setup?

I didn't handle the initial setup. It would be impossible for me to discuss the process or to talk about if it is difficult or straightforward. I didn't handle any aspect of the implementation.

What's my experience with pricing, setup cost, and licensing?

I'm not really involved in the pricing aspect of the solution. I don't know if it is expensive or reasonably priced.

What other advice do I have?

I essentially joined the company and since I got here all the laptops and endpoints have been encrypted using BitLocker. We are using IBM as management for all the data and to stop Microsoft from taking away Unbound support.

We are looking for an alternative. We're curious about Symantec or endpoint encryptions that I can use with BitLocker, on top of the Symantec client that I have. 

We're using the latest version of the solution, from what I understand. We load the solution directly onto laptops.

I would recommend the solution. However, if I find another endpoint solution, I may switch. I'm not tied to this product.

I don't have a lot of experience on the solution just yet. I'm still evaluating it in a lot of ways, and discovering the features.

I'd rate the solution seven out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
BF
Desk Top Operation Manager at a government with 10,001+ employees
Real User
Top 10
Enables us to encrypt any agency data on our computers

Pros and Cons

  • "The solution works the way it's supposed to - stability and scalability are fine."
  • "Lacks a portal that can be managed rather than just existing."

What is our primary use case?

We use the solution ncrypt any agency data . We probably have about 3,800 users on 5,000 plus computers and there are a variety of roles with some people doing data entry all the way through to system administrators. We're a statewide agency. We'll probably increase usage in another few years when we have more computers. I work as the Desktop Operations Manager in the company and we're a customer of Microsoft. 

What needs improvement?

I think there is some room for improvement for end users and technical staff. They are the ones required to support the computers, learn how the solution functions and to troubleshoot. For now, they have to wing it most of the time and it could be better. 

For additional features, I'd like to see something more manageable by our agency. We had a portal where we could manage these. I know there are products out there that have portals where you can actually manage the BitLocker and that would be much better. If we lose a computer now it's unclear whether Absolute Computrace can find it if it's been encrypted. 
We have some issues with Microsoft about that. 

For how long have I used the solution?

I've been using this solution for four years. 

What do I think about the stability of the solution?

I think stability is fine. My personal impression is that it's working the way it's supposed to. I  believe that the problem is on the end user side because they don't know how it functions. They get frustrated and accidentally activate the blocker and get locked out. 

What do I think about the scalability of the solution?

We've never had a problem with that. 

How are customer service and technical support?

We really haven't had much technical support on this other than from Dell trying to help us and Microsoft telling us everything is fine. We've only just started trying to determine what the problem is so hopefully things will improve. 

Which solution did I use previously and why did I switch?

Before this, we used Wave but when they were bought out by another company we switched to BitLocker. 

How was the initial setup?

Initial setup was straightforward. 

What's my experience with pricing, setup cost, and licensing?

This is not my area but I don't think we pay annual licensing costs. I think we just pay for computer leasing, and all fees are included in the purchase. I don't think we're getting our money's worth because we're often unable to locate computers that have been lost. 

What other advice do I have?

I think it's important to involve the technical team when selecting a product and testing it out, rather than having the upper management make the decisions regarding which products to purchase. It's also important to get upfront support, technical support and maintenance, and maybe somehow get a portal where they can manage it themselves rather than it just kind of existing. 

I would rate this product an eight out of 10. It does what it's supposed to do and it's just the troubleshooting that's a problem.  

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Microsoft BitLocker Report and get advice and tips from experienced pros sharing their opinions.