BitLocker Encryption Enhancement by MFG
Microsoft’s BitLocker Drive Encryption is a widely accepted data security measure adopted by many organisations operating in Windows environments. BitLocker addresses the threats of data theft or exposure from lost or stolen computers. However, BitLocker does have its limitations for businesses running multiple devices across various operating systems – which is common in the modern day.
With Managed Encryption’s BitLocker Enhancement, organisations can improve their existing BitLocker deployment with a centrally managed solution along with a number of value added features.
How can MFG enhance Bitlocker?
1) Simplified Deployment
2) Enhanced Security
3) Increased User Friendliness
4) Stronger Recovery
5) Next Level Functionality
Enhanced functionality for IT administration
Manage all encrypted devices across the enterprise
Supports multiple sign ons on a single device
Customised Pre-boot and multi-factor authentication
Deployed and managed with no user interaction
Security policies managed centrally
We intelligently manage your BitLocker deployment for you!
MFG Managed Encryption take care of all your business’ data security related administration, including policies, encryption keys, and password rules.
Best of all, no training is required by the end user or by your IT team. Our dedicated team are readily available to help and you can be safe in the knowledge that your sensitive data is secure with a robust encryption solution.
Why do I need MFG's features on top of my existing BitLocker deployment?
BitLocker Deployments made easy
BitLocker is a good starting point for device encryption, but deployment can be a labour intensive process for busy IT departments. Further to managing the deployment for you, MFG’s BitLocker Enhancement allows a host of other value added deployment features.
Deployment of Microsoft BitLocker can actually be skipped by the end-user before being fully activated & encrypted. The device is therefore still a risk to your company and out of compliance with your security policy.
MFG’s BitLocker enhancement will enable BitLocker to encrypt the device before the end-user receives it, ensuring it is compliant straight away. The user is only required to take control of the device by setting their pre-boot password.
Furthermore, with BitLocker alone, devices that are to be used in your MBAM environment require TPM chips. These are not required when using MFG’s BitLocker Enhancement meaning the software can be deployed on any legacy hardware.
When using Microsoft BitLocker alone, any local administrator on a device can disable the software, creating a massive risk on ensuring the device stays encrypted.
MFG’s BitLocker Enhancement solves this problem by preventing these local administrators from disabling and decrypting the device, ensuring they stay compliant.
As part of MFG’s managed service, compliancy across all devices is monitored constantly by our team. MFG offers a number of features to enhance your BitLocker deployment’s security including:
- Challenge Response and Self-Help Password Recovery
- Simplified Password Recovery as opposed to BitLocker process
- Password Synchronization (Single Sign-on) or Multi-Factor Authentication
- Support for Self-Encrypting Drives
- No TPM Chip/MBAM Required with our solution
- Multiple Platform Support
Increased User Friendliness
Microsoft BitLocker’s pre-boot screen is restricted to a single user, meaning all users of that device need to know the PIN. With MFG’s BitLocker Enhancement, we can allow multiple users to log into the device, each with their own unique credentials. These credentials are interchangeable to other machines on our system.
With Microsoft BitLocker, the pre-boot screen cannot be customised, whereas with MFG’s BitLocker Enhancement, we can ensure that the image reflects your organisations colours, branding and style plus your IT support contact details.
MFG’s Managed Encryption solution has been developed with an multi-user, multi-device environment in mind, whereby all security can be managed centrally including policies, password rules as well as the encryption deployment itself.
Completing a Device-Password recovery can be a challenging process if using Microsoft BitLocker on its own. MFG provides a much simpler method of password recovery, offering:
- Self-help recovery questions to each user
- A challenge response method to our help desk if required
- Enhanced security
Being a managed solution, your encryption keys are always safe and looked after.
Next Level Functionality
BitLocker is a good starting point for encrypting Windows-only devices, but organisations need a more comprehensive strategy for securing all devices across different platforms. To find an enterprise using one platform across the board is nearly impossible in the modern working environment.
BitLocker encryption is available on Microsoft Surface tablets, and BitLocker-To-Go for USB flash drives, but there is no compatibility for other operating systems or mobile devices.
MFG’s BitLocker Enhancement takes functionality to the next level: centrally managing the encryption of every end-point including devices running Windows, Linux and Mac OS. We can provide policy-driven management for Android and iOS devices, removable media encryption as well as virtualised and Cloud server environments
BitLocker Pre-Boot Authentication is limited to TPM, PIN, and USB Keys. For many businesses already using tokens, smartcards or biometrics, there is no integration with Microsoft BitLocker. MFG’s BitLocker Enhancement improves the Pre-Boot authentication and can integrate your existing tokens, smartcards and biometrics to provide multi-factor authentication.