Microsoft BitLocker Overview

Microsoft BitLocker is the #1 ranked solution in our list of top Endpoint Encryption tools. It is most often compared to Symantec Endpoint Encryption: Microsoft BitLocker vs Symantec Endpoint Encryption

What is Microsoft BitLocker?

BitLocker is Microsoft's full disk encryption solution, which protects all of your data from theft, hacking or loss. BitLocker does this by encrypting the entire drive that hosts your Windows operating system and all your data.

BitLocker is available for all devices, including portable storage devices (such as external hard drives and USB flash drives). These portable devices are supported by a feature called BitLocker To Go, which is included in Windows 7 and 8, and in Windows Server 2008 R2 and Windows Server 2012. In Windows XP, encrypted devices can be read, but not written to, using the BitLocker To Go Reader program.

Microsoft BitLocker is also known as BitLocker, MS BitLocker, MS BitLocker, MS BitLocker.

Microsoft BitLocker Buyer's Guide

Download the Microsoft BitLocker Buyer's Guide including reviews and more. Updated: May 2021

Microsoft BitLocker Customers
ACV, Proaxis Therapy, Choice Hotels International, adnymics GmbH, Intermedia, NMBS/SNCB
Microsoft BitLocker Video

Filter Archived Reviews (More than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
YB
Senior System Manager at Teganalytics
Real User
Securely encrypts our data, but the process is too slow

What is our primary use case?

We use this solution to encrypt the data on three hard drives.

What needs improvement?

The following areas need improvement: The encryption takes a long time to complete, and our system runs very slowly while it is encrypting. If you lose the data, or it becomes corrupted, then there is no backup for it. There is no way of recovering it. There are no clear guidelines for using this product. Technical support for this solution is poor.

For how long have I used the solution?

Trial / evaluation period (six months).

What do I think about the stability of the solution?

The product is stable.

How are customer service and technical support?

There is no technical support that assists with understanding BitLocker.

Which solution did I use

Head of Operations (India) at a tech vendor with 51-200 employees
Real User
It is easy to implement and has AD integration

What is our primary use case?

Preventing data loss in stolen/lost laptops was the primary reason we went for it. It does its job adequately.

How has it helped my organization?

Whole disk encryption was what was required from us. Microsoft BitLocker has executed it with minimal effort.

What is most valuable?

Easy to implement AD integration It is a totally free solution. It is tightly integrated with Windows

What needs improvement?

More customization options would have been nice, such as password selection, actions when the screen is locked, etc.

For how long have I used the solution?

One to three years.
Learn what your peers think about Microsoft BitLocker. Get advice and tips from experienced pros sharing their opinions. Updated: May 2021.
509,641 professionals have used our research since 2012.
Microsoft (Active Directory) Consultant at a logistics company with 5,001-10,000 employees
Consultant
Prevents Unauthorised Access to Corporate Data

What is our primary use case?

Protect corporate data on devices (Laptops, Desktops, Tablets). every week 100's of corporate devices lost just at airports and every device got personal/corporate data, its very important to protect such data from unauthorised use, hence is the solution to implement Microsoft Bitlocker Administration and Monitoring (MBAM)

What other advice do I have?

Look at TechNet for relevant documentation and test many times before implementing in your production environment.
IT Infrastructure Analyst at a tech services company with 501-1,000 employees
Real User
Provides disk protection while configuration is transparent to user, although implementation is complex

Pros and Cons

  • "Integration with System Center Configuration Manager (C: and D: logical drives are encrypted before installing Windows via SCCM)."
  • "The implementation of BitLocker is not simple. There are many prerequisites and hours of study and testing."

What other advice do I have?

We are using BitLocker for Windows 10 (which depends on TPM 1.2 or greater) being managed by MBAM 2.5 with SQL Server database to store the encryption keys. BitLocker is configured to use Active Directory or SQL to store the encryption keys. When using AD, the keys are stored in an unprotected directory. When using SQL, the stored keys are stored in an encrypted database. I recommend that you study many hours before you start testing. Take the MBAM test at Microsoft's website. Study TPM 1.2 and 2.0. Use SQL to store the encryption keys and not the Active Directory, so you leave the AD free of…
Operator at Halliburton
Real User
It did not conflict with Windows.

Pros and Cons

  • "Whole Disk Encryption is great. BitLocker runs seamlessly during boot up."
  • "There are options which could be implemented to make it a little more like PGP Whole Disk Encryption."
Infrastructure Specialist at a healthcare company with 1,001-5,000 employees
Vendor
Protects employee and enterprise data in case of loss of a laptop. Fills in part of an enterprise-wide security strategy.

What other advice do I have?

It is enhanced in Windows 10, supports PIN self-service and better encryption methods. Start experimenting in the lab to understand the hardware integration (TPM), encryption methods and (optional) PIN management. Fix your solution before rolling out, because changing parameters (like encryption) on computers where BitLocker is active is a heavy process in terms of time (decrypt/change/encrypt, etc.).
Info Sec Consultant at Size 41 Digital
Real User
ExpertTop 5
Bitlocker - defence in depth
Understanding your responsibilities for disaster recovery at a departmental level can be difficult; IT departments are holistic entities. We deal with systems, people, security, servers and infrastructure... but we also need to think about things at a granular level so we can ready ourselves for when a terrible system failure occurs - it always will. My problem was that we needed to ensure we had a very basic form of disaster recovery for our staff who were planning an event that gave us the biggest turnover of our year. Okay, so, our staff needed to take business critical information out of the office on something they could access individually. Yes, we could have used cloud storage but the staff needed full portability and access with or without the internet. Not to make a…
Security Expert at a tech company with 10,001+ employees
Vendor
IronKey verses BitLocker-To-Go with smart cards (part 1)
This post originally appeared on the Random Oracle blog at https://randomoracle.wordpress.com/2013/03/02/ironkey-verses-bitlocker-to-go-with-smart-cards-part-1/ IronKey is one of the better known examples of “secure flash drive,” a category of products targeted at enterprises and security-conscious users for portable storage with hardware encryption. From a certain perspective, this entire category owes its existence to a failure of smart card adoption in the same target market. All of the functionality of dedicated hardware encryption products can be implemented with equal or better security, at much lower cost and greater flexibility using general purpose smart cards and off-the-shelf software. Case in point: BitLocker-To-Go (“B2LG” for short) available in Windows 7 and later…
Security Expert at a tech company with 10,001+ employees
Vendor
IronKey verses BitLocker-To-Go with smart cards (part 2)
This post originally appeared on the Random Oracle blog at http://randomoracle.wordpress.com/2013/03/05/ironkey-verses-bitlocker-to-go-with-smart-cards-part-2/ The first post in this series described how the BitLocker-To-Go feature built into Windows can be used in conjunction with smart cards to encrypt removable drives, and offer an alternative to dedicated hardware such as IronKey devices with comparable security. In this second and final part, we continue the comparison focusing on scaling, cost effectiveness and ease of deployment. From a cost perspective, BL2G wins hands down: BL2G works for any external drive, as well as logical volumes and non-bootable partitions of internal drives. There is no need to acquire new hardware. Existing plain USB drives can be leveraged,…
Security Expert at a tech company with 10,001+ employees
Vendor
Using cloud services as glorified drive: BitLocker-To-Go (part III)
This post originally appeared on the Random Oracle blog at https://randomoracle.wordpress.com/2013/07/29/using-cloud-services-as-glorified-drive-bitlocker-to-go-part-iii/ The second post in this series described how to map storage at an arbitrary cloud storage provider as an ordinary local drive in Windows, using virtual hard disks. This post will look at how to encrypt that drive such that any information data backed up to the cloud remains private under the worst-case scenario: the service provider going rogue and deciding to rifle through user data. While there are many ways to encrypt storage locally, we are primarily interested in options supported out-of-the-box on common operating systems such as Windows. It turns out that there is a built-in feature with exactly the right…
IT Administrator at a tech services company with 51-200 employees
Consultant
Easy to set up and good performance.
BitLocker is easy to setup, it will automatically enable the TPM chip for you and prompt to save/print the recovery key. The biggest advantage I have seen is performance when compared with other whole disk encryption technologies. In my own studies, comparing BitLocker with another well known competitor, BitLocker encrypted drives have seen almost zero performance impact. Drives encrypted with the competition literally dropped in read/write performance by 50%. BitLocker is used in my environment for laptop drives and it meets our Coporate security compliance needs. If you try to reboot to safe mode or swap the hard drives, the laptop will prompt for the key to be entered before booting to Windows.
Systems Analyst at a tech company with 10,001+ employees
MSP
TrueCrypt vs Bitlocker
BitLocker uses your computer's TPM device, if it has one. If it does not, you'll be forced to use a USB memory stick to keep your key on. You can choose to use the USB option instead of the TPM. - Pro for TPM - easy to use. turn the PC on and it's ready to use. - Con for TPM - windows is super easy to get into even when a password is used. attacker can steal your whole computer and get into your system if they know what they're doing. it's not an advanced attack. - Pro for USB - take the drive with you wherever you go, attacker can't get in if you shutdown your PC when you leave your place. - Con for USB - if you lose the drive, you lose the key. you could, of course, print the key and keep it in a fireproof box. if you leave the USB drive with the PC, then it's like the "Con for…
Infrastructure Expert at a tech services company with 1,001-5,000 employees
Consultant
User friendly encryption solution

What other advice do I have?

From my own personal experience, Bitlocker is one of the easier ways to encrypt a drive. The inclusion of TPM and hardware support is a definite plus, as it allows it to work with smart cards and PIV cards from a government perspective.
Developer at a tech vendor with 51-200 employees
Vendor
A simple tool, but very useful to secure data

What other advice do I have?

As a student, I use flash drives frequently. Sometimes my colleagues borrow my flash and could potentially delete my important data. By encrypting my flash drive, I can avoid it. However, there are still a few problems with it. It comes only with the windows Ultimate and Enterprise editions, so the users who use other editions cannot use this tool. It takes a long time to encrypt a drive.
Manager of Data Center at a insurance company with 51-200 employees
Vendor
Bitlocker made us believe that having physical possession of a system is not total possession of the data.

What other advice do I have?

In order to avoid such an experience in the future, I was forced to search for a free tool that would help me encrypt my drive. Bitlocker was all we needed. To be sincere, I am not disappointed deploying the tool. All my drives are now encrypted. There is no fear of losing my job as a result of unauthorized access to my flash drives, and any other drives. Bitlocker also enabled us to encrypt the drive hosting the operating systems of our mobile users. All that the PC needs, is to be Trusted Platform Module (TPM) compliant, or rather, have a USB stick that contains the keys. This provides…
Buyer's Guide
Download our free Microsoft BitLocker Report and get advice and tips from experienced pros sharing their opinions.