Coming October 25: PeerSpot Awards will be announced! Learn more

Microsoft BitLocker Room for Improvement

JS
Information Security Manager at a renewables & environment company with 501-1,000 employees

Their interoperability with our tools, which are the Microsoft tool, can be improved. It needs to be geared towards more of the wraparound of the zero trust. There are solutions we're looking at that do encryption plus X, Y, and Z. So, we're looking at the ability to wrap around the product with other features.

The biggest one for us is revoking access. So, even though someone downloads something to a device, we want the ability to cloak that device or data and bring it back or make that data unusable for that person. Currently, BitLocker doesn't give us that ability. It basically encrypts it. We're seeing if identity management or IAM allows us to do that. We're kind of looking at third-party software that does that for us.

Usually, Microsoft sees what other third-party companies do and then either adopts it or buys the third-party company, and that's kind of what we're looking into. That's our need. It'd be a lot better if it was all under one mirror or one window, instead of having a couple of different vendors working on it. So, if Microsoft could solve that, it would be awesome. They should look at the third-party enhancements that people are doing, and then take the encryption a step further by adding those features to BitLocker. Microsoft has different components. They have identity management, but is it tied to encryption? BitLocker is mostly tied to devices, but it would be best for me if I get a piece of data and I am able to encrypt it all the way through using BitLocker. Currently, BitLocker is basically tied at the device level instead of the data level.

I would just like them to look at what other people are doing in terms of encryption as a whole and offer the encryption not only tied to the device, but also to the file level. They should add features on that in terms of access control and reporting. We should be able to see who has access to it and who has touched a file. So, we're going towards the zero trust model and the zero trust reporting. It is a "We don't trust anybody" type of deal. So, it is not just the device, it is the data. They should try to wrap it around the data at the file level and not at the device level.

View full review »
ManojNair2 - PeerSpot reviewer
Founder/Director at Augesys Solutions Pvt Ltd

In terms of improvement, they should look at file encryption. When the files are being moved out or something, sometimes we need encryption in transit. Meaning when your system, your laptop you're using, the files are idle, then they are encrypted. And if you are sending the files out, let's say you're mailing the files out, that's data in transit. The encryption over there is controlled differently. It depends on what tool you're using for sending the files. However, the encryption is controlled there. The thing is, if you could have one single point of the solution, no matter if you're using Office 365 as an organization, to have just one encryption system across multiple systems, rather than having one BitLocker on the drive, then another encryption rule-set for sending an email, that would be easier.

Maybe the solution could use some more capability within the reporting system, et cetera. The reporting in Microsoft is very minimal. If you had a third-party tool, they will give you very high-level, very detailed reporting across various categories and conditions. Microsoft doesn't do that. That's a huge drawback in the system. You open the control, you get a lot of information; however, that information, you can't export.

View full review »
SW
Manager - ICT at a insurance company with 51-200 employees

I was looking for a better solution. It's my understanding that if you're just to generate that endpoint encryption and you just run it normally, it may not give you the actual protection you need as you don't have a centralized server.

At the end of it all, we are looking for something that can be easier to manage. Everything that you need to do manually can end up being an issue. If it's a product that can be automated, I would be happier with it. Right now, with the way it is arranged, it's a bit manual as it isn't centralized.

View full review »
Buyer's Guide
Microsoft BitLocker
September 2022
Learn what your peers think about Microsoft BitLocker. Get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
634,325 professionals have used our research since 2012.
JM
ICT operations and security manager

User profiles can be improved so that people can create their own passwords. It has one password per machine, which is a problem. We would prefer each user to have his or her own boot password. Each user can have a username and password or biometrics, such as fingerprints and iris scanner, integrated into the boot process, but I really can't see that coming anytime soon, if ever.

View full review »
AP
Director, Cryptographic Engineering at a financial services firm with 10,001+ employees

Right now, the problem for us is, if a laptop is stolen, how they address it with the hard drive if it is already protected in BitLocker? We cannot protect anything until we have a centralized server feed where w can get all the information from all the laptop and the device if it does get stolen. Currently, to solve this, we are using a solution called Unbound.

I'm a hardcore developer. I don't know whether the solution has any source files. That said, I don't see anything that's really lacking, feature-wise. 

It's possible that the time it takes to pull items in to BitLocker could be reduced a bit. It can take a long time - sometimes up to 90 minutes.

View full review »
Jeison Bonilla - PeerSpot reviewer
Cyber ​​Security Administrator at BAC Credomatic

Technical support has not been very good. 

We'd like automatic self-service in future releases. 

View full review »
VM
Product Manager at Axoft Ukraine

Some of the technical internal functions, such as encryption protocols or something similar, could be improved. But it makes no difference in terms of functionality for us or users.

View full review »
AS
System Administration Specialist at Alatau Innovations

We need to increase the data disc a bit, not all of it, as we tried to test some special software views. We had a problem with the disc. The disc may be damaged. We can lose information. This has just happened once. It’s not standard.

The initial setup is complex.

I want them to include the encryption of the data disc.

View full review »
JH
Chief Information Security Officer at a healthcare company with 1,001-5,000 employees

It is not good for cross-compatibility, so our Mac users are not able to use it.

The support for Linux and Macs is really the only thing that we are missing.

View full review »
KD
I.T. Director & CISO at Maple Reinders

The pricing should be improved.

View full review »
TAYIM Henri - PeerSpot reviewer
System Administrator at a transportation company with 10,001+ employees

The solution could improve by having a centralized GUI for management.

View full review »
SK
Associate at a consultancy with 201-500 employees

The solution could be improved if it was more user friendly. 

View full review »
SHOAIBKhan1 - PeerSpot reviewer
IT Manager at a tech services company with 10,001+ employees

The console GUI could be better.

The initial setup could be simplified.

View full review »
Buyer's Guide
Microsoft BitLocker
September 2022
Learn what your peers think about Microsoft BitLocker. Get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
634,325 professionals have used our research since 2012.