How to Streamline BitLocker Management in ConfigMgr

Importance of BitLocker

While we often speak of cyber security in terms of access to privileged accounts and our organization’s systems, there is another piece of the security puzzle that is just as important. Keeping physical devices safe deserves the same level of attention. Important company data is often stored on users’ laptops (whether it should be or not). With the amount of work travel that takes place, some devices are bound to get lost or stolen. The last thing any organization wants is the CEO’s laptop out in the wild unencrypted with confidential data ready for the taking. Enter Bitlocker, a tool that exists to keep that data safe when a device gets lost or stolen.

In a blog series on this site, Maurice Daly covered the topic of migrating away from standalone MBAM (Microsoft BitLocker Administration and Monitoring) to ConfigMgr BitLocker Management. Thankfully, Bitlocker management within ConfigMgr can be greatly simplified by using Right Click Tools. Whether you need a web-based report to pass over to security, a full view of how many of your devices are encrypted, or a simple way to retrieve a recovery key to get your end user back up and running, Right Click Tools streamlines your Bitlocker management within ConfigMgr.  

How Right Click Tools Helps

Whether you are just getting started with your BitLocker rollout or have Bitlocker fully implemented and only need to ensure all your devices are remaining properly encrypted, Right Click Tools can assist. The BitLocker Compliance Dashboard within Right Click Tools serves as a great resource to understand where your environment is sitting in terms of encryption. The dashboard gives you graphical overviews of recovery key storage (AD, CM BLM, MBAM, all locations, or the dreaded no keys stored), as well as unified compliance. You can click into any piece of the pie to see the endpoints that fall under that category. This will also uncover some more information about the devices including the encryption method used on the device. Knowing all this information is great, but the fully actionable dashboard makes it powerful. If you find any gaps, you can quickly act right away without needing to leave your ConfigMgr console.

The BitLocker Compliance Dashboard isn’t the only way Right Click Tools helps with BitLocker in your ConfigMgr console. If you need to quickly pull a BitLocker recovery key for a device, you can easily right click a device to access Right Click Tools, open security tools, and retrieve that device’s recovery key.

If you are looking to check up on the BitLocker compliance of a specific device, the Remote Windows Security Tool is the perfect place to get all the information you need in one place. From Remote Windows Security, users can gain insight into the drive with information on its protection status, the encryption method currently in use, and the key protectors currently active for that drive. Users can also take action right from within this tool. So, if organizations happen to find that the drive is not currently encrypted, they can take care of it right away.

As alluded to previously, the Right Click Tools Bitlocker Compliance Dashboard can also generate web-based reports to send over to security or management. Anybody who needs to see the compliance levels without accessing the ConfigMgr environment will find these reports helpful. Running a Recast Management Server (RMS), which is included with your Right Click Tools Enterprise License, gives users the ability to pass along web-based reports (including BitLocker compliance). Organizations can then keep the appropriate people up to date on compliance levels without having to worry about them entering directly into the ConfigMgr environment.

Bitlocker Streamlined

The BitLocker Compliance Tool dashboard is designed to get users quick information about BitLocker in their environment. It also enables users to quickly take action to remediate issues that they may find.

Let Recast know if you have any questions, or if you think the BitLocker Compliance Tool dashboard could help you. Reach out here.