barscaret-downcaret-leftcaret-rightcaret-upcheckchevron-leftchevron-rightfile-pdfinfosign-in-altsignin text-widthtimesyoutube

Windows > Device Data & Configuration

Enabling BitLocker for Windows

Updated on September 30th, 2020

In this article

BitLocker is an encryption feature for Windows devices. Encryption is a way to protect your system against unauthorized access and keep your data safe and secure.

This article describes how you can remotely enable BitLocker drive encryption for your Windows devices with Miradore.

You can choose to encrypt only the C: drive or all fixed drives. Same encryption method must be used to encrypt all drives on a computer.

Requirements

  • Enterprise plan of Miradore
  • Windows device must be enrolled to Miradore and have a Miradore Client version 1.3.2 or newer installed
  • Device must have a TPM (Trusted Platform Module) chip
  • Supported Windows versions and editions are described on the table below
Windows versions supporting BitLocker
Pro
Enterprise
Ultimate
Education
Home
Windows 10
Windows 8.1
Windows 7

How to enable Bitlocker in Four Steps

1. Go to Management > Configuration profiles and click the blue Add button.

Creating a configuration profile

2. Choose Windows > BitLocker and configure encryption settings.

Pay attention to the Windows version and drive type (fixed, removable) when choosing the encryption method. More information about the encryption methods is provided on the field tooltip.

BitLocker configuration settings

Click Next to finalize the profile creation.

3. Navigate to Management > Devices page and use the check boxes to select devices.

4. Click Deploy > Configuration profile to start the distribution wizard.

Notice that you cannot deploy the configuration to devices that are managed only through the built-in MDM profile.

Configuration profile deployment

Encryption may take some hours depending on the drive size. You can monitor the encryption status from the Windows dashboard widgets or from the Security table on the Device page.

Read more about viewing the BitLocker encryption status of your Windows computers in Miradore.

How to disable BitLocker?

Turn off BitLocker drive encryption simply by removing the deployed configuration profile from the device(s).

You can remove configuration profiles from a single device easily from the Device page.

For multiple devices, you can use the Deploy > Remove configuration profile button which can be found from the Devices page.

Automate with business policies

You can also create a business policy that deploys a BitLocker configuration profile automatically to all devices having a certain tag.

For more information, read How to create a business policy.

Previous Article:
«

Next Article:
»

Share the article

Get started with Miradore

Start securing your devices and data today with Miradore. Create a site in just a few minutes and start adding devices immediately. You can get started for free and try out the full features with our 14-day Enterprise trial.

No credit card needed.

SIGN UP FOR MIRADORESEE PLANS AND PRICING