Unit 4a, Moulden Way, Reading, RG7 4GB +44 118 914 8800 Mon - Fri 8.00AM - 18.00PM

BitLocker Enhancement

Managed Encryption – Making Microsoft BitLocker Work Better

Microsoft's BitLocker Drive Encryption is a widely accepted data security measure adopted by many organisations operating in Windows environments. BitLocker addresses the threats of data theft, however it does have its limitations for businesses running multiple devices across various operating systems - which is common in the modern day.

With Managed Encryption's BitLocker Enhancement, organisations can improve their existing BitLocker deployment with a centrally managed solution along with a number of value added features.

Does Microsoft BitLocker alone offer good enough protection?

The short answer is ‘no’. BitLocker is a great solution; delivering fast, integrated encryption protection for Windows environments. But as we mentioned earlier, BitLocker only covers Windows devices and also requires tools to enforce and prove compliance in the case of device loss or theft. Plus, it’s costly to manage and uses complex PINS which get in the way of user productivity and workflows.

Your enterprise doesn’t operate on only one platform or restrict data access to corporately owned devices. So relying solely on the native encryption protection offered by BitLocker will leave you with significant security and compliance gaps.

Let’s take a closer look at the pros and cons of BitLocker…


The Pros and Cons of Microsoft BitLocker

BitLocker does some stuff well... But it needs some support by the Encryption Experts at MFG, let's take a look.

BitLocker Pros

  • Native: Because it’s built-in OS encryption, it delivers better performance and compatibility than most third-party solutions
  • Complementary: Some basic management tools are already included in MDOP for Windows Software Assurance/Volume Licensing customers
  • Integrated: BitLocker is supported in Microsoft Azure with Azure Disk Encryption

BitLocker Cons

  • Costly: Needs a lot of IT Helpdesk and management support; cannot manage macOS or Linux devices
  • Compliance gaps: BitLocker – with or without MBAM – can easily be disabled or ‘suspended’ by certain users and applications, so you can’t use it on its own to demonstrate devices are in a compliant state after deployment
  • Management complexity: Managing it requires a minimum of two servers and relies on open and insecure Group Policy Objects to manage data protection policies
  • User experience: BitLocker without PIN authentication offers the lowest level of data protection, but with a PIN it’s disruptive to users

Unlock new advantages with BitLocker

Save Money

Dramatically cut the cost of managing encryption across platforms

Reduce Risks

Close the compliance gaps that BitLocker leaves and cut the risk of penalties

Simplified Management

Simplify management and reduce encryption helpdesk workloads

Ease of Use

Deliver a great user experience supporting uptime and collaboration


Close compliance gaps, once and for all.

One of the main reasons why businesses deploy encryption is compliance – it’s true! It’s the number one driver for new installations and with GDPR now live, it continues to be a top IT concern. Because BitLocker doesn’t come with centralised management, visibility and control, you can’t use it to prove encryption protection, in the way regulators require. Furthermore, any user with privileged administration rights can tamper with encryption settings and disable BitLocker.

MFG’s Managed Encryption layered on top of BitLocker can prevent tampering by blocking users from accidentally or maliciously disabling BitLocker protection and also enable detailed, real-time reporting such as historical data and user login activity.

Can you currently prove your compliance?

Lower your encryption costs

Managing encryption keys is seriously difficult and costly across today’s typically complex IT infrastructure. Managing BitLocker requires an investment in multiple new servers and hardware drivers and you still end up with a solution that leaves compliance gaps. Using MFG Managed Encryption is the secret to improving encryption ROI across your BitLocker deployments and beyond.

MFG’s BitLocker Enhancement takes functionality to the next level: centrally managing the encryption of every end-point including devices running Windows, Linux and Mac OS. We can provide policy-driven management for Android and iOS devices, removable media encryption as well as virtualised and Cloud server environments.

MFG Managed Encryption take care of all your business’ data security related administration, including policies, encryption keys, and password rules at no added cost.


BitLocker Deployments made easy with MFG

MFG’s BitLocker enhancement will enable BitLocker to encrypt the device before the end-user receives it, ensuring it is compliant straight away. The user is only required to take control of the device by setting their pre-boot password.

MFG Managed Encryption will then take care of all your business' data security related administration, including policies, encryption keys, and password rules. Best of all, there's no training is required by the end user or by your IT team. Our dedicated team are readily available to help and you can be safe in the knowledge that your sensitive data is secure with a robust encryption solution.

Your customers would benefit from our BitLocker enhancement!

MFG's Partner Program has been specifically developed to help IT companies help their existing clients and attract new customers. Data security breaches and concerns are on the rise and you should be proactively advising your clients on the benefits of data encryption as a technical measure for the GDPR and Data Protection Act of 2018.