2021-04-29T01:39:00Z
KW
Project Engineer (Engineer II) at a energy/utilities company with 1,001-5,000 employees
  • 2
  • 267

What should one take into account when replacing PGP with Microsoft BitLocker?

Hi, we're planning to replace PGP with Microsoft BitLocker for our endpoints. What aspects should we take into consideration during this move? 

Thank you!

3
PeerSpot user
3 Answers
DC
Application Programmer (Infrastructure and OA support) at a government with 10,001+ employees
Real User
Top 20
2021-04-29T08:20:46Z
Apr 29, 2021

Beware to make backup of useful data, then use reverse decryption policy from Symantec panel/McAfee ePO to decrypt the DE partitions while it is sometimes more straightforward and faster to reinstall the machine(s) all over from scratch (especially for mechanical hard drives taking one day or two if being decrypted). For uninstallation of the McAfee Agent and Encryption modules, it is advisable to use the McAfeeEndpointProductRemoval tool for greater ease and GUI simplicity as compared to batch command lines. When using Bitlocker, make sure all your partitions per machine are encrypted respectively with reference to a single unlock password of C: drive and do keep an offline record of recovery key(s) for emergency purpose.

Your replacement is a smart move because Windows Bitlocker seldom or never requires any version control and product upgrades, but then it misses out the functionality of centralized control as in Symantec panel or ePO Orchestrator.

Search for a product comparison in Endpoint Encryption
James OConnor - PeerSpot reviewer
Sr. Solutions Sales Executive - Commercial/Charity/Healthcare/SMB Individual Contributor at Hypertec Direct
Reseller
Top 10
2021-04-29T17:43:42Z
Apr 29, 2021

From a licensing perspective, you will want to have management over BitLocker.  


With PGP you have a management tool to manage the encryption, but you are using a non-native product to encrypt your devices and may slow the device down or create other management issues.  


If you are in a regulated industry like Healthcare or just want more control over BitLocker, management is critical.  BitLocker is native to the operating system and an individual can encrypt their machine but then the keys are not secure so you have less protection from regulators.  


There are a few ways to manage BitLocker.


MBM or Microsoft BitLocker manager is part of some on-premise Microsoft licensing for Windows as well as Microsoft 365 Business Premium and Microsoft 365 E3/E5 (Not part of Office 365 E3/E5).  With MBM your keys are encrypted and reporting will show that the device is encrypted or unencrypted if lost.  That is very important with Healthcare Laptops, since a lost laptop can cost a healthcare organization $Millions depending on what the Healthcare Org can prove what was or was not on the laptop to the Federal Govt. "Office of Civil Rights"...



Sophos is another product that will manage BitLocker and encrypt the keys.


Trend Micro is another that will also manage BitLocker and encrypt the keys.

TA
Senior Sales Engineer at Dell
Real User
2021-07-26T18:00:29Z
Jul 26, 2021

Do a google search on "bitlocker hack"



Review some of the videos to see just how easy it is.

Learn what your peers think about Microsoft BitLocker. Get advice and tips from experienced pros sharing their opinions. Updated: November 2022.
654,658 professionals have used our research since 2012.
Related Questions
Netanya Carmi - PeerSpot reviewer
Content Manager at PeerSpot (formerly IT Central Station)
Dec 13, 2021
How does Microsoft BitLocker compare with Symantec Endpoint Encryption? Which is better and why?
See 1 answer
Janet Staver - PeerSpot reviewer
Tech Blogger
Dec 13, 2021
Microsoft BitLocker is very intuitive and easy to maintain. It is basically the global standard solution for drive encryption and it successfully fulfills regulatory needs in terms of data protection. BitLocker consists of agent initialization and robust disk encryption algorithms, and does a good job with reporting on compliance. BitLocker will give you peace of mind by keeping your data safe - especially if employees lose their laptops, or if laptops are stolen - providing you with confidence that no data will be compromised. I like that BitLocker allows you to encrypt removable media as well. However, the encryption key management feature could be improved, and so could its OS compatibility and console management. Some other things I dislike about it are that oftentimes encryption fails to resume after it has been suspended, sometimes it can be time-consuming to encrypt a disk, and encrypting secondary drives can be tricky, to say the least. Symantec Endpoint Encryption’s most valuable feature by far is the messaging and shared folders. It offers great protection and is the perfect solution for large-scale deployments. In addition, it is low-maintenance, which is another big advantage because you rarely need to involve technical support. Moreover, it integrates very well with Symantec Messaging Gateway and Symantec DLP, which works to catch emails and send them to the encryption server which then communicates to the user that confidential information is being shared or sent out, giving administrators the chance to respond appropriately. Symantec Endpoint Encryption’s initial setup and installation is pretty straightforward and easy but the product comes with a high price tag. The only other setback with Symantec is that the program’s disk encryption is not very intuitive or user-friendly when it comes to Microsoft OS updates. Other than that, the product is a stable, reliable, all-in-one solution that is very suitable for enterprise data management. Conclusion: When comparing Microsoft BitLocker and Symantec Endpoint Encryption, they both have their sets of valuable and unique features, but they also both have setbacks. Your choice of product will ultimately be determined by what your organization’s requirements are and which solution can meet your needs best.
Netanya Carmi - PeerSpot reviewer
Content Manager at PeerSpot (formerly IT Central Station)
Nov 9, 2021
Why?
See 1 answer
Janet Staver - PeerSpot reviewer
Tech Blogger
Nov 9, 2021
Microsoft BitLocker is very intuitive and easy to maintain. It is basically the global standard solution for drive encryption and successfully fulfills regulatory needs in terms of data protection. BitLocker consists of agent initialization, robust disk encryption algorithms, and does a good job with reporting on compliance. BitLocker will give you peace of mind by keeping your data safe - especially if employees lose their laptops, or if laptops are stolen - providing you with confidence that no data will be compromised. I like that BitLocker allows you to encrypt removable media as well. However, the encryption key management feature could be improved, and so could its OS compatibility and console management. Some other things I dislike about it are that oftentimes encryption fails to resume after it has been suspended, sometimes it can be time-consuming to encrypt a disk, and encrypting secondary drives can be tricky, to say the least. McAfee Complete Data Protection, on the other hand, offers a lot more protection. First of all, it encrypts your computer for you so you don’t have to. It scans emails to make sure there are no harmful attachments, it allows you to complete virus scans, filters harmful websites, and it will also proactively stop a download if it is unsafe. Although some might find its attempts to block things to be irritating, it is still an excellent product for all the features it provides without being intrusive. Sometimes the program can skew the formatting of some webpages, though, and drive encryption can be a bit slow to load at times. What I like most about it is that it gives you the status of all programs that you have running. Conclusion: Even though BitLocker helps keep files encrypted and adds an extra layer of security, I think it is worth considering McAfee as a better and more suitable option since it offers an all-in-one protection tool and is extremely user-friendly.
Related Articles
Netanya Carmi - PeerSpot reviewer
Content Manager at PeerSpot (formerly IT Central Station)
Apr 25, 2022
PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to better connect with peers and other independent experts who provide advice without vendor bias. Our users have ranked these solutions according to their valuable features, and discuss which features they like most and why. You can read user reviews for the Top 8 Endpoint Encryption Tools to help ...
Shibu Babuchandran - PeerSpot reviewer
Regional Manager/ Service Delivery Manager at ASPL INFO Services
Aug 9, 2022
If you’re weighing your options for endpoint security solutions, there are many options out there. However, solutions vary greatly in terms of how effectively they can protect your network. I want to help you make the best decision possible, so here are some questions to ask before buying an endpoint security solution, and why they are important. 1) Does the solution employ Foundational Tech...
Evgeny Belenky - PeerSpot reviewer
Director of Community at PeerSpot (formerly IT Central Station)
Jul 11, 2022
Hi community members, As usual, this new Community Spotlight shares with you the latest articles, questions and trending discussions from your peers. Trending See what is trending at the moment and chime in to discuss! Top 8 Extended Detection and Response (XDR) Tools 2022 Would you recommend replacing Cisco ASA Firewall with Fortinet FortiGate FG 100F due to cost reasons? What is the...
See 2 comments
Ravi Suvvari - PeerSpot reviewer
Performance and Fault-tolerance Architect with 1,001-5,000 employees
May 30, 2022
Good very informative
Jairo Willian Pereira - PeerSpot reviewer
Information Security Manager at a financial services firm with 5,001-10,000 employees
Jul 11, 2022
Analyze the wave of product at Gartner Hype Cycle. EDR was good in the past. After that, MDR joined the hype and now, XDR is the trend. Wait for more in a couple of months and (sic) know the ZDR!
Netanya Carmi - PeerSpot reviewer
Content Manager at PeerSpot (formerly IT Central Station)
Apr 8, 2022
For most companies, whether they are large or small organizations, cyber threats and hacker attacks are a major concern and an ongoing challenge. Since cybersecurity is a critical part of any enterprise IT environment, it is important for software engineers, security, and DevOps professionals to stay up to date on the most recent trends in order to be well prepared for tackling ever increasing ...
See 1 comment
Stuart Berman - PeerSpot reviewer
CTO at a tech company with 11-50 employees
Apr 8, 2022
I agree with many of these observations.  A trend I noticed as a security professional was that putting bandaids on legacy technology buys little protection and the bigger your enterprise the harder it is to embrace newer safer technologies.  As an example, Microsoft Active Directory is entrenched in most organizations but is so complex and so relied upon it has become a major attack vector.  Newer offerings bring a compelling alternative but the difficulty in switching increases exponentially with the size and complexity of the existing environment.  Ultimately, even the cloud offerings (Web2) are being replaced by Web3 (blockchain-based) technologies offering Immutable file storage and backup today.
Evgeny Belenky - PeerSpot reviewer
Director of Community at PeerSpot (formerly IT Central Station)
Apr 4, 2022
Hi peers, This is our new Community Spotlight that includes recent contributions (questions, articles and discussions) by the PeerSpot community members. Trending Is RPA beneficial for a healthcare organization? With the increasing risk of cyber attacks in the west, due to the war in Ukraine, how safe is your data in the cloud? Articles 8 Business Automation Ideas to Save Time and...
Related Categories
Related Articles
Netanya Carmi - PeerSpot reviewer
Content Manager at PeerSpot (formerly IT Central Station)
Apr 25, 2022
Top 8 Endpoint Encryption Tools 2022
PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to...
Shibu Babuchandran - PeerSpot reviewer
Regional Manager/ Service Delivery Manager at ASPL INFO Services
Aug 9, 2022
8 Questions to Ask While Selecting an Endpoint Security Solution for Your Business
If you’re weighing your options for endpoint security solutions, there are many options out there...
Download Free Report
Download our free Microsoft BitLocker Report and get advice and tips from experienced pros sharing their opinions. Updated: November 2022.
DOWNLOAD NOW
654,658 professionals have used our research since 2012.