Can BitLocker be used with strictly key management? So on boot a pre-boot authentication is required. The client wants the computer to be as fast as possible.Ģ.Bitlocker and SED.
I would not like to go this route mainly because of the performance hit from software base encryption. The requirement it pre-boot authentication.ġ. After doing some research, I have come up with new questions. Thank you, Justin and Jon, for your replies. And, at that point, I believe it starts to not be free anymore! Microsoft BitLocker Admin and Monitoring. If you are looking at a “fleet” of notebooks in an enterprise, then you may need to add the MBAM layer. I think that BitLocker should meet these requirements, but you should verify that! In Finance and Banking, there are very specific laws regarding data protection, and you really should research those. you get what you pay for! Why skimp on security, of all things? Surely, there are other areas you can save some money on so you can spend a hundred bucks for a full-featured security package.
I agree with Justin! Win8.1 and Win10 Pro BitLocker is a good way to go.īut I do have to say, in data security as with anything else. Do you think SED is my best solution to their situation?īitlocker comes with Windows 8.1 pro. I don’t want them to have to pay for software encryption. They are in the financial industry and require encrypted hard drives. I have a client that want a new computer. Keep in mind that for an SED, the encryption engine is always on, so really all the BIOS has to do is support access control to the encrypted volume. There aren’t very many recent notebooks which don’t have a TPM, for that matter! To lock the drive in BIOS, you will need a BIOS that supports the TRUSTED SEND and TRUSTED RECEIVE commands in order to use your Opal SED, but you’d have to have a really old BIOS that doesn’t. In BitLocker, though, I believe if you don’t have a TPM, you may be required to use a USB thumbdrive as a key, so you’d need to have the thumbdrive installed whenever you open the encrypted volume. The SED doesn’t need a TPM, particularly your Crucial SED, and most hardware encryption management software packages don’t require one, either.
Sorry had to paste the link in a text box as android chrome wont just let me paste it. Typically a tpm is not required but can be used if available. Track users’ IT needs, easily, and with only the features you need. IT Best Practices – when your company expands from domestic to glob.Windows Server 2016 and SOC 2 compliance.Think you’re an IT whiz? Try and ace our quiz!.If I have no idea what I’m talking about can someone please explain the purpose of TPM and if it is required for SED. In the hardware encryption discussion, trusted platform modules are discussed. Is this the best practice for implementing an SED? If you have an SED and BIOS that supports hard drive passwords your drive will be protected. Let me state my understanding of self-encrypting drives and how they work.