Endpoint Management

Getting Started with BitLocker in Windows

Last modified 7/7/2020

About

To get started on encrypting your Windows devices with Microsoft BitLocker. This guide is assuming you are currently not doing any encryption.

Getting Started

What is BitLocker?

BitLocker Drive Encryption is a data protection feature that integrates with the operating system and addresses the threats of data theft or exposure from lost, stolen, or inappropriately decommissioned computers. This feature comes already built-in to Windows.

Learn More at https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-overview

Prerequisites

The device has a TPM chip and it is enabled/activated
Configuration Manager Client installed for domain-joined devices.

Enabling/Activating Your TPM

Use the following guide to enable your TPM: Turn on Trusted Platform Module (TPM)

Enabling BitLocker

Using Microsoft Endpoint Configuration Manager (Domain-joined Devices)

Use the following guide here: Deploying a BitLocker Policy using Configuration Manager