Everything You Need to Know About Microsoft BitLocker

Executive Summary

‘Everything you need to know about Microsoft BitLocker’ is an easy to read blog post with its main purpose being to inform and give tips on how to properly handle data and how important it is to do so, to any CIO/CISO, business owner or anyone who is interested or in charge of the collection and ethically storing of data in their enterprise. ‘How does BitLocker work?’ will be the first topic introduced, as is the main and recurring topic throughout this whole blog post. However, to better understand this interesting to-use data encryption tool, you need to know more about data collection, data privacy, data security and why they are such an important asset to every organization. Each topic has been carefully picked and written with such detail so that you not only discover the great importance of having a data encryption tool but fully understand the whole concept of protecting and classifying data in the right way for your enterprise. BitTruster is an important tool in maintaining and managing Microsoft BitLocker without any extra unpredicted charges. You will not only be fully informed on protecting data but also given insight on the most important tools to use while doing so. Keep reading to find out more! Enjoy.

TABLE OF CONTENTS

• How does BitLocker work?
• Biggest mistakes companies make when securing data
• Why data privacy matters?
• Why does every enterprise need to have a data encryption software?
• How do you ensure data privacy?
• Does BitLocker alone offer a good enough protection?
• BitLocker Pros and Cons
• Managing BitLocker with BitTruster
• Who knew data encryption could be this simple?

Introduction

BitLocker is Microsoft Windows’s encryption tool that has the ability to encrypt the entire drive. Data encryption is highly important in any personal device or enterprise system because it performs the sensitive process of making any data unreadable without proper authorization. BitLocker is a tool that is available to anyone who has Windows 7 or any other higher version.

Microsoft truly changed the computer security world when they introduced BitLocker. It wasn’t the first encryption tool introduced to the market, however it was the first one with the disk encryption technology and OS coming from the same vendor, ultimately leading to a much better integration. All data that any company creates, stores, collects and exchanges is deemed to be the most valuable asset this company has. Safeguarding it from any external, unauthorized party saves them from potential financial loss, GDPR or CCPA fines, reputation damage, loss of their consumers’ trust etc. Who would want that, right? Therefore, knowing the ins and outs of BitLocker is crucial if you want to achieve full protection of your device/devices’ data. Before going more into detail, let’s clarify something. Is BitLocker right for you? Well, to better understand if BitLocker is the right tool for you then if the statements below apply, you truly need it:

1. I want all data to be secured in case of any device theft.
2. It is required in my job/company/enterprise that all data must be encrypted.
3. I want to make sure that all my data and my company’s data is safe and secured.
4. Extra peace of mind, knowing that my data is safe and no one is misusing it.

In this long but very entertaining and informative blog post, you will be able to find out more about everything concerning BitLocker. Why do enterprises need to secure data? Why should data privacy be made a business priority? And tips and tricks every CIO/CISO must absolutely know. I assure you that after finishing reading it, you will have an entirely different perspective on the huge impact and importance encryption and software management tools such as BitLocker and BitTruster have on this fast paced technological world and be a lot more conscious on how your company collects, shares and uses data.

How does BitLocker work?

Now that everything else is made clear, let’s jump to the real reason you’re here. How does BitLocker work? Since its creation, BitLocker has been designed to protect your data, all while being as ‘quiet’ as it possibly can. Meaning, that it’s an encryption tool technology that doesn’t interfere at all with everything else you’re doing. Let’s go step by step in order to explain everything.

System Integrity Verification

When the system is installed, BitLocker’s duty is to verify that nothing of significant importance has changed. Moreover, nothing that might impact the system security and its keys should be left unchecked because of potential unauthorized system intruders. Anything that might be a system integrity violation, will cause BitLocker to go on recovery mode so that the user or the IT department will be provided with a recovery key to get the data back out with BitLocker. There are three functions BitLocker uses for system integrity verification:

1. Secure Boot – In secure boot when the system starts, BitLocker looks at the hardware itself first. As the OS starts, BitLocker does a check-in all around as if it’s asking questions like – ‘Hey, does the hardware look right? Does it look the same as the last time? Has anything changed? Does it look like anything uncomfortable has been attached to the system or removed from the system?’ If there is a problem occurring, then it will immediately go on recovery mode.

2. Trusted Boot – In this case BitLocker wants to know if the tool itself has all the means necessary for all the data it will be touching and talking to. If not, then BitLocker is rightfully doubtful toward certain components of the system, whether they can be trusted or not. If they cannot be trusted, then this would be a factoring determinant whether BitLocker goes into recovery mode or not.  

3.  Measured Boot – The least known but one of the coolest functions, is definitely the measured boot. The measured boot is where the system is fully evaluated at the start up. Both the secure boot and the trusted boot are fully measured and the offload coming from them is fully measured. The report of the results is sent to a third party server somewhere on the shared network. The results are there to determine whether the system is compromised in a way that BitLocker is being fooled. The third party can actually measure that boot against previous boots and declare that there might be something wrong and go full on recovery mode or even flagging an administrator by alerting them that there might be something suspicious going on in the system.

Unlocking BitLocker – protected drives

BitLocker has been a part of Windows for a long time now and is considered to be a very mature and trusted software. It’s a tool that has proven itself to be very secure when it comes to safeguarding data. BitLocker works by encrypting entire drives, including your system drive, any other physical drive, or a virtual hard drive. To use BitLocker on your system drive, all you have to do is enable it, choose an unlock method and that’s it. It looks pretty simple when put like this right? Nonetheless, because BitLocker takes care of a highly sensitive process such as data encryption, it makes sure to provide really secure authentication so no system breach can happen. However, for those who are authorized to access the data there are several ways to unlock the BitLocker-protected data.

a.  TPM-only (Trusted Platform Module)

The Trusted Platform Module creates cryptographic keys and encodes them so that the only way they can be decoded is through TPM itself. The decoding process is commonly called ‘wrapping or binding a key to TPM’. TPM is a valid authentication method, however it is less secure than the other options, given that they require double authentication factors.

b. TPM with startup key 

If you want double protection on your data, then TPM accompanied by the startup key is needed. The startup key is usually stored on a USB flash drive and data found on the encrypted volume cannot be accessed without it. 

c. TPM with PIN

What’s the whole point of any authentication process really if you don’t use a PIN? BitLocker does the same. In addition to the protection that the Trusted Platform Module offers, BitLocker asks the user to enter his PIN before being given access to the data. However, the PIN is not stored on the encrypted device, meaning that there needs to be a better way to manage it. A key benefit of BitTruster is that it takes care of setting, managing and saving PINs. No more added stress for you!

d.  TPM with startup key and PIN

The fun part truly starts here. If you really want to have full on protection of the data, then the multi-factor authentication process is the one for you. Adding the encryption key that is safely stored on a USB flash drive and the PIN that is required to authenticate the user to the TPM, to the core protection that TPM-only provides, will make for a secure and protected authentication process.

Biggest mistakes companies make when securing data

Keeping sensitive data properly safeguarded and secure from any data breach and theft in today’s very fast paced high tech world, isn’t a very easy process. You probably got that already from what was written above. However, there are enterprises that still haven’t perfected the way they store and secure data. There are cases in which they don’t even know where their data is stored. Nonetheless, this is the perfect opportunity to learn what other enterprises are doing wrong so that you won’t do the same.

3 essential parts in order to achieve the proper protection of sensitive data

Properly handling data is highly complicated for sole users, let alone big enterprises that have a higher volume of information at stake. To simplify it, I recommend you keep two essential parts to achieve proper protection of sensitive data in mind:

1. Data classification
All data is important. However, there is data that would highly impact the enterprise if they get out and there is other data that would cause little to no impact. So what does data classification have to do with this? Well, a lot indeed. Every business, no matter how small or big, needs to make data classification a priority. A lot of industry experts recommend you classify data according to their sensitivity:

• Restricted data – The most sensitive data should go in here. Any data that could cause serious harm when compromised should be classified as restricted. The access to this data should be allowed for internal use only.
• Private data – The access to this data should also be internal only. In this case, data that leaks out will cause a moderate risk for the company.
• Public data – This is the least sensitive data your enterprise has stored. Little to no harm is caused to the enterprise if this data is compromised.

2. Data encryption

Encryption of data at rest is all about encrypting the data that is stored in the database and is not moving through networks. This type of encryption is extremely important because it provides an in-depth defense protection. Thus, encryption at rest provides data protection for all the stored data inside the disk. A great tool that provides this type of data encryption is, as you might have guessed already, Microsoft BitLocker.This type of encryption being provided by BitLocker is not only great for sole users but mostly for big organizations. If there ever happens to be an attack against the hard disk in which the data is stored, then BitLocker is designed to prevent the attacker from accessing any unencrypted data by making sure that all data put inside the disk is already encrypted.

Knowing the importance of data you are protecting, where you are storing it and classifying it, and more important of all, encrypting it, will make it much easier for you as a CISO or CIO to protect your enterprise from all data breaches.

Tips enterprises should take into account when it comes to their data security

You are the CIO or CISO of your enterprise and want to know some useful tips and tricks of protecting and properly securing your data? Well, look no further. You already know encrypting data is very important, nonetheless learning some new tips to make your job easier and less complicated it’s nice too.

Staying on top of data security threats is a very hard job and at times it’s too late to do anything. You as a CIO/CISO already know how important it is to leave the storing and protection of sensitive data to the experts. ‘It takes a village’ to fully complete the whole process of identifying, classifying, encrypting and storing data. That being said, these are the tips that any enterprise should keep a note of when addressing their data security.

1. Train your staff accordingly

When talking about training your staff, this does not only concern the experts who are handling data, but everyone who works at your enterprise. Every member of your organization needs to be properly educated and informed on the significance of the data you are storing and encrypting. As long as they know the priority you put on data protection, they will do the same.

2. Adopt new NFC (Near Field Communication) methods

This is a very useful tip for companies that require payment from their customers. It adds an extra layer of security if you develop your own smartphone app with very practical features like mobile pay and makes your clients more loyal and trusting to your brand. There’s no need for your customer to use their credit card and risk leaking their personal information, when they can let their smartphone interact with the special near-field communication readers attached to the cash register. How does it work? When a user enters their payment information into the app, a QR code is immediately produced so that they can pay by holding the QR code to the NFC rather than using their credit card.

3. Collaborate with payment processors

Another very cool trick to use is collaborating with payment processors. To prevent fraud and identity theft, debit and credit cards will be embedded with “EMV” (Europay, MasterCard, Visa) chips that will authenticate every single user’s identity. This is a very recent innovation, and will probably need some time until todevelops, however don’t forget to keep an eye out when everyone starts using it.

Why data privacy matters?

Data is a very important asset for an enterprise, the most important even. As different businesses are collecting bigger and bigger amounts of information on their clients and their own staff, the higher is the importance of ensuring that their data is secured and that they won’t be subject to any data leak or any unwelcome surveillance. Data privacy is more important today than it has ever been before, especially now where every business needs to abide by new data privacy policies and regulations.
Data privacy regulations such as the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR) have truly impacted the way enterprises collect and store personal information they gather from their consumers. These regulations are created with the intention to provide a level of legal protection that was not available before to customers and staff. However, businesses still remain at high risk of unintentionally violating these privacy regulations because unfortunately they have not taken the necessary precautions and measures of this extremely fast-paced and continuously evolving cyber risk landscape.

How can data privacy affect your enterprise?

1. Prevent breaches that hurt your enterprise
It is extremely important to implement strong security safeguards to protect all the stored data in the disk. Microsoft BitLocker safely managed by BitTruster is just the tool you need to do so. Moreover, BitLocker is the one that encrypts all the data at rest stored in your hard disk, thus preventing any possible breaches. All enterprises that do both, result in fewer security incidents that would end up being privacy breaches. Fewer breaches is a great indicator for the customer that your company really takes data privacy seriously and trusts your business more as opposed to your competitors. It also means that the enterprise itself doesn’t have to deal with huge fines coming from GDPR and CCPA.

2. Prevent breaches that hurt individuals

Putting a big emphasis on privacy protection means that you are providing a very strong security for the personal data collection and all activities associated with it. This way, your enterprise prevents any individual from falling victim to any data breach that might happen.

3. Improve your brand value

According to Forbes, 46% of enterprises that have previously had privacy breach incidents, have suffered from reputation damage. Enterprises that have made data privacy a priority in their organization and explicitly make clear that protecting the privacy of the individuals who have their data stored on their system is crucial to them, offer full transparency of what their data is being used for and fully abide to data privacy regulations, will make their brand standout from the rest and will build an unbreakable bond and trust with their customers.

4. Be ethical

If you want to stay in business for a long time and also want to develop a trusting relationship with your customers and employees, then you must establish and abide by your enterprise’s code of ethics. Usually the code of ethics ensures that the enterprise must handle confidential information with care and responsibility. The ethical factor in an enterprise is an added layer in protecting personal data and fully defining the values and morals of the company itself.

5 things you need to know about Data Privacy

Information privacy, commonly referred to as data privacy, deals with the process of properly and ethically storing any data, by being fully compliant to any data protection regulations. There are some common misconceptions about it, therefore the 5 things you absolutely need to know about data privacy are listed below:

1. Data privacy is not the same as data security

To be able to properly protect and comply with data protection regulations, both data privacy and data security need to be maintained in your enterprise. Alright, now that you know that you need to have both in order to fully safeguard data, how to tell them apart? Data privacy is the process of complying with all data protection laws and regulations and to fully focus on the way you collect, share, archive, encrypt and delete the data. Data security on the other hand, is how you measure that an enterprise is taking the right precautions in order to prevent any third unauthorized entities from having access to the data. Here comes the really interesting part – Microsoft BitLocker safely managed by BitTruster takes care of all the measurements and reports, so that your enterprise is taking the right precautions and that no third parties can access the data already stored in your hard disk.

2. Maintaining data privacy is a priority when doing business

In this day and age, where data is seen as the most important asset of any business, the true value of a company is seen in the way they handle data. Meaning that data is an asset worth protecting and every business that is prioritizing it, is on the right track. A lot of businesses treat their stored data as their own, when in reality it’s just information borrowed from individuals who for one reason or another have decided to lend their personal information to the enterprise storage system. In order for any business to keep the data whilst also keeping the trust of the people whose data belongs, they need to demonstrate full transparency on why they are collecting the data, how they are collecting it, what specific data they are handling and show that any subject whose data they are using is still in full control of it.

3. Privacy is ‘the right to be let alone’

You have nothing to hide, don’t you? Well, that’s your business and your business only. Privacy is your right to be left alone. You should be able to have your say in the process of handling your data. That is why regulations such as GDPR and CCPA are put in place, to make sure that each individual whose data is being stored by any enterprise, has full control on it, whether they want to retrieve it, leave it or delete it forever.

4. Serious consequences to data privacy laws non-compliance

With the very fast development of technology, cybersecurity and everything they bring to the table, companies will have difficulty going through data privacy laws without proper arrangements. Regulations such as GDPR are already having a huge impact on every business storing data and is on its way to shape Europe’s digital future. The same goes for other laws and regulations such as CCPA and several other state legislations on the way pending gubernatorial approval) . Violation of any of the rights listed on them will result in potentially huge fines and ultimately the loss of client trust and loyalty.

5. GDPR and CCPA compliance

Throughout this whole blog post you have read about GDPR and CCPA regulations a lot. This was done intentionally, because you cannot collect and store data without taking these laws into consideration. Although they are not the first privacy laws to be created, contrary to popular belief, GDPR especially, was the first serious intent to truly control the gathering of personal data and to fine all organizations or individual subjects who were not using these data appropriately. Moreover, regulations such as GDPR and CCPA have given data subjects the power to gain control over their own privacy.

Why does every enterprise need to have a data encryption software?

In any type of organization, if highly sensitive and confidential information goes to the wrong hands, it’s absolutely detrimental to the company. When managing sensitive data or data in general, all organizations know that they must be protected in one way or another to avoid any possible data breach. If you have been attentive in everything that has been written so far, you should remember rule number one when it comes to collecting data: You have to encrypt it when storing it. However, there are still enterprises that still aren’t using data at rest encryption tools. How come? Well, continue reading below to find out more.

Why aren’t all enterprises using data encryption tools?

Files, documents, emails, folders etc. come in the form of unstructured information. A lot of enterprises do not have it clear on who should encrypt it? How? Why? Sometimes managing encrypted information is more complicated than managing unencrypted information and a lot of enterprises have difficulty in properly dealing with data, classifying and structuring it as it has been listed down below.

1. Deemed as very complicated to use

A lot of organizations have difficulty managing all the passwords, keys, PINs or certificates they need, in order to access the encrypted, protected data. It might not be that complicated to access it from their device but they do not own the proper tools to have access and decrypt the data from any other computer.

2. No clear guidelines on what to encrypt and what not to

A lot of organizations do not even pay much attention to consistent disk encryption and that is a huge problem. For a lot of enterprises it is unclear on what information to protect and what not to. Often, what they do is that they might implement a software that will partly protect data in transit and that’s that. What about that important data that has been stored in their system for a long time? Well, Microsoft BitLocker can definitely help with that. Storing and encrypting data at rest in your hard disk is what BitLocker does best. Being safely managed and implemented by BitTruster is what your enterprise needs in order to ensure full data security to your clients and your entire enterprise in general.

3. Difficulty in integrating with internal corporate tools

As you might already know, the most sensitive information is found in Human Resources applications, Enterprise Resource Planning applications (ERP) etc. These particular applications are not well-prepared to manage protected files. Therefore, introducing encrypted files in certain internal corporate applications can interfere with the internal document management flow.

4. Having the authorization to access private information should not interfere with the ability to protect it

It is important for an organization to be able to audit all sensitive information but also have it under control and fully know what is done with it. Who is accessing it? When are they accessing it? Is someone internal or external who isn’t authorized, accessing sensitive information, he absolutely shouldn’t be?

When to encrypt data and when not to?

It is indispensable for enterprises to know when to encrypt data and when not to. The first step is to classify the information you have gathered, however identifying which one is the sensitive information does not mean you are protecting it.

The infographic below is created to make it easier for you the criteria you should follow in order to protect the information:

This infographic is a great way for you to better understand how to properly classify the level of importance each data has. However, something that I would like to emphasize as an industry expert, is that no data is worth losing. All data should be stored in a drive and definitely be encrypted. If you want to properly protect your enterprise data then make sure that all data-at-rest inside the harddisk is completely encrypted, secure and private.

How do you ensure data privacy?

2021 is the year of privacy and enterprises should definitely make it a priority. Being part of the data collecting process means that at some point you will have to deal with GDPR or any other data privacy regulations or laws. So how to ensure complete data privacy?

3 Best practices to make sure you are fully maintaining data privacy

1. Only collect data that is absolutely needed

As it has been mentioned throughout this blog, an advice we would absolutely give you is to only collect the data that you need. If you don’t need to know someone’s date of birth, their relationship status etc., then just don’t collect it. A really good option is to use a kind of framework that only verifies this type of data rather than store it. This sort of system uses third-party data sources to verify that the data inserted belongs to the user and that’s it. After that, no actual data needs to be collected at all.

2. Build in consent models when collecting or dealing with data
Building consent models for everyone that has to give personal information to your enterprise, makes you create a more interactive relationship with them. It helps your enterprise show your clients and your staff that using consent is an integral part of the way you collect and store their data. Make sure to build in consent models whenever you collect or use data.

4. Implement a data security tool

Privacy is ‘the right to be let alone’. Meaning that privacy also covers the fact that people whose data is being used, should have complete authority on whether they choose to share it or not. Therefore, security measures should be implemented. Moreover, the security tool that will be implemented needs to be applied across multiple layers. Start by classifying your data first and see if it needs extra protection or not.

Does BitLocker alone offer a good enough protection?

This blog promised to tell you everything about BitLocker and will definitely do so. Is BitLocker alone a good enough protection for your system? Well, we know it is and will show you why.

System risks covered by BitLocker

1. Hard drive removal from the computer

In case your hard drives have been removed from your computer, you don’t need to worry about the data that has been stored inside because nothing will impact it. This is all thanks to BitLocker, with its 128-bit encryption key (or even higher), the data is safely stored and protected.

2. In case the computer is stolen

In the unfortunate case that your computer has been stolen, no need to fuss about the stolen data, cause there won’t be any. In ‘Unlocking BitLocker – protected drives’, four methods of how to unlock your encrypted data for authorized access on BitLocker were explained in detail. Keeping that in mind, from the ‘least secure’ protection policy being TPM-only to the multi-factor authentication process using TPM with both startup key and PIN, BitLocker is designed to slow down any external or internal attacks.

3. External threats

BitLocker as a top-notch encrypting tool, makes sure to keep any external threat that wants to access your data as far away as possible. BitLocker is an encryption program that has the ability to encode the entire drive and at the same time protect the device and prevent it from possible intruder threats.

BitLocker Pros and Cons

The true cost of maintaining BitLocker for your enterprise

Full drive encryption should definitely become an enterprise standard practice, as the risk of data breach and theft has increased. Given the major consequences coming from data breach and theft, the only proper solution is to employ an encryption tool such as Microsoft BitLocker. However, you might probably discover the true cost of maintaining BitLocker or any other encryption tool, only after you have implemented it. In order to make it easier to understand and calculate for you, I divided the BitLocker encryption tool into three different sections:

1. Hardware

When maintaining BitLocker, some unpredicted costs might come from the fact that BitLocker itself needs additional hardware requirements. What does this mean exactly? Well, as it has been explained earlier on, any device that has deployed Microsoft Windows OS has already BitLocker included in it, nonetheless each system needs to have a Trusted Platform Module (TPM) chip in order to access BitLocker’s full-on features. Adding a TPM chip to each and every device in an enterprise in order to take advantage of all benefits BitLocker has to offer, means that your enterprise needs to pay around $30 for every machine. Moreover, those TPM chips need to be configured and enabled. You as a CISO/CIO know that in order to do all of this, it takes a lot of time and resources and might even be an unnecessary waste of time for your enterprise. BitTruster is a great solution when it comes to this issue because it can automate the configuration process of TPM chips.

2. Software

Standardizing your enterprise data and policies to match those required by BitLocker, means that you need to upgrade some of your Windows licenses and also ensure that your enterprise possesses additional Microsoft software to be able to support the full Administration and Monitoring of Microsoft BitLocker. So where does the true cost lie here? If you want to have all of the software upgrades and licenses mentioned above, then you need to make significant monetary investments for a dedicated Windows and SQL server. To give you some perspective, the SQL Server Enterprise edition licensing can cost around $6874 per core. Some servers run their systems with multiple cores so I will let you do those calculations yourself.

3. Management

The authentication of data encryption is device based, so even though users and administrators are able to take advantage of the strong native encryption BitLocker offers, they cannot privately access it. This means that an external tool needs to be purchased in order to support all devices and perform the Full-Disc encryption.

Microsoft BitLocker is definitely a must for every enterprise. Do not be scared and driven away by the additional costs the management of BitLocker might bring. The thing is that it’s employment is completely free and the good news is that BitTruster is the perfect Microsoft BitLocker management tool that will secure a cost-effective, time-saving, and overall successful implementation and maintenance of BitLocker. Wanna know more? Then, keep on reading.

Managing BitLocker with BitTruster

It has already been established that any company big or small that is storing any type of data needs to have an encryption feature software and BitLocker was created with the purpose of building a safe environment for everyone’s data.
Nonetheless, as it was explained on the sections above, BitLocker is at times complicated to properly maintain, so why waste money on resources and time on finding them in different places where you could use BitTruster to do it all for you?

Lower your encryption costs with BitTruster

BitTruster’s mission since its inception was to provide a simple, centralized and cost-effective solution from initial implementation to the proper long-term maintenance of Microsoft BitLocker.
BitTruster is there to support your enterprise when it comes to managing the entire life-cycle of BitLocker, including all predicted or unpredicted encryption costs. Therefore, BitTruster has carefully crafted three subscription plans for every CIO/CISO or business owner out there that wants to protect their enterprise but also wants to be given peace of mind and employ a third-party tool to take care of everything.

1. The Silver Plan

The silver subscription plan is the standard package that will help you simplify the usage of Microsoft BitLocker. This plan makes sure you have full control of the end to end BitLocker encryption without any unexpected extra costs. BitTruster will make sure to perform an internal audit of your enterprise so the entire management of BitLocker will be compliant to your enterprise’s policies. Moreover, you won’t need to stress over any lost PINs or recovery passwords ever again. By subscribing to the $1.99/month silver plan, BitTruster centrally stores the PIN and the password of every device, so you can access or change them in a few steps in the management console. In addition to all that, if for any reason you are struggling with something concerning the passwords, PINs or recovery keys, BitTruster has put in use the helpdesk, available to customer admins to help resolve potential end user issues.

2. The Gold Plan

The gold subscription plan was created with the main purpose of helping you maintain data privacy and manage BitLocker within your organization. This plan is perfect for when you have to use BitLocker encryption for big enterprises that are collecting huge amounts of data on many different devices. It ensures that you have complete control of the BitLocker encryption tool and consistent handling of all endpoints. All passwords, PINs and recovery keys are centrally stored and access to all these is based on the role each employee has, making the management of BitLocker for big enterprises, truly simple. Moreover, BitTruster checks status ongoing, makes the entire environment status available to view, as well as sharing and distributing it in report format. For $3.99/month BitTruster puts in use the helpdesk functionality for customer admins who are managing encryption and is there to assist with any potential end user issues regarding passwords, pins and recovery keys. Gold would also give customers the Self Help Portal piece, which allows them to give end users the rights to resolve some issues independently.

3. The enterprise plan

The enterprise plan includes all benefits of the Gold plan but in an on premise version. By subscribing to the enterprise plan, or licensing it in the traditional way, you will be able to have BitTruster administrate every aspect of BitLocker locally within your own perimeter. Apart from all the practicalities it will give you concerning the TPM/PIN management, the well-crafted protection reports, consistent handling of all endpoints and performing an internal audit of your entire enterprise’s policies and licenses, the enterprise plan will provide you with private consultation meeting with the data protection software experts at BitTruster. BitTruster will be by your side throughout the whole management of BitLocker, giving you advice and making data encryption as simple and stress free as it can.

BitTruster is an absolute state-of-the-art, cloud-based or on-premise solution, fully supporting enterprises of any size, securing their data and making data privacy a priority by helping them become compliant with GDPR and CCPA regulations. Whether you chose the silver, gold or the enterprise plan you should know that Bittruster will be by your side every step of the way.

Who knew data encryption could be this simple?

By now you’re probably thinking to yourself – Has data encryption been this simple during all this time? Well, collecting and storing data is a highly sensitive process, nonetheless when you use the right tools to do it then yes, it is very simple. Why complicate your job when you could employ BitTruster to give you peace of mind by keeping BitLocker management under control and at the same time be fully transparent with you by constantly sharing security reports of your enterprise and keeping you up-to-date at all times? If you are looking to avoid intellectual property losses, extra unpredicted costs and lose your clients’ and staff’s trust with a reputation damage, then it’s definitely time for you to employ BitTruster and fully set up and manage BitLocker.