We changed our name from IT Central Station: Here's why

What should one take into account when replacing PGP with Microsoft BitLocker?

Hi, we're planning to replace PGP with Microsoft BitLocker for our endpoints. What aspects should we take into consideration during this move? 

Thank you!

ITCS user
33 Answers

author avatar
Top 20User

From a licensing perspective, you will want to have management over BitLocker.  

With PGP you have a management tool to manage the encryption, but you are using a non-native product to encrypt your devices and may slow the device down or create other management issues.  

If you are in a regulated industry like Healthcare or just want more control over BitLocker, management is critical.  BitLocker is native to the operating system and an individual can encrypt their machine but then the keys are not secure so you have less protection from regulators.  

There are a few ways to manage BitLocker.

MBM or Microsoft BitLocker manager is part of some on-premise Microsoft licensing for Windows as well as Microsoft 365 Business Premium and Microsoft 365 E3/E5 (Not part of Office 365 E3/E5).  With MBM your keys are encrypted and reporting will show that the device is encrypted or unencrypted if lost.  That is very important with Healthcare Laptops, since a lost laptop can cost a healthcare organization $Millions depending on what the Healthcare Org can prove what was or was not on the laptop to the Federal Govt. "Office of Civil Rights"...

Sophos is another product that will manage BitLocker and encrypt the keys.

Trend Micro is another that will also manage BitLocker and encrypt the keys.

author avatar

Do a google search on "bitlocker hack"

Review some of the videos to see just how easy it is.

Learn what your peers think about Microsoft BitLocker. Get advice and tips from experienced pros sharing their opinions. Updated: January 2022.
563,780 professionals have used our research since 2012.