BitLocker is standard in certain versions of Microsoft Windows®. These are Windows Vista® and Windows 7 Ultimate and Enterprise editions®, and Windows Server 2008 R2. BitLocker therefore can make sense to deploy in certain environments predominantly using these versions.
However, it is important to understand and plan for the management, reporting and auditing requirements of such compliance mandates as PCI DSS, UK Data Protection Act, SOX, International Data Protection Directives, etc, - and integration with existing systems management and data protection solutions in place today for legacy systems and other endpoints (USB Thumb Drives, etc.)
Integration of basic encryption capabilities into the operating systems represents a good first step in improving the security of critical data, but while BitLocker offers a good, volume-based encryption solution, it will also present some challenges. Specifically:
- It is not appropriate for all users
- It covers only a subset of platforms / devices
- Careful management is required, especially of the recovery keys