Most of it's internal politics.
We are in the Medical Industry (HIPPA is a huge concern) and chose Safeboot
as our encryption solution last year. So there is a "we already spent the
time and money to do this...." mentality.
Also, there are folks who think because it is Microsoft, there will be
security holes in it. Couple that with it being the "first model year" of the
product they don't feel we should jump on that bandwagon untill it is proven.
"Steve Riley [MSFT]" wrote:
Quote:
> Whitefearn--
>
> No, there is no specific GPO for preventing the use of BitLocker.
>
> If user's aren't running as local administrators, then they can't enable
> BitLocker anyway, so there's one way to prevent it. A more complicated way
> would be to configure the group policy that requires backing up keys to
> Active Directory but then don't do AD setup required for this -- thus
> guaranteeing BitLocker installation failure.
>
> I am curious, though -- why do you not want to take advantage of one of the
> most important features available for protecting mobile data on laptops?
>
> --
> Steve Riley
> steve.riley@xxxxxx
> http://blogs.technet.com/steriley
> http://www.protectyourwindowsnetwork.com
>
>
> "Richard G. Harper" <rgharper@xxxxxx> wrote in message
> news:EB3EEFBC-DD12-4E9E-9F87-D2F833AACEC5@xxxxxx Quote:
> > I didn't have time to read all the documents I found, but in general if
> > you can configure it via Active Directory, that includes the ability to
> > disable it.
> >
> > --
> > Richard G. Harper [MVP Shell/User] rgharper@xxxxxx
> > * NEW! Catch my blog ... http://msmvps.com/blogs/rgharper/
> > * PLEASE post all messages and replies in the newsgroups
> > * The Website - http://rgharper.mvps.org/
> > * HELP us help YOU ... http://www.dts-l.org/goodpost.htm
> >
> >
> > "Whitefearn" <Whitefearn@xxxxxx> wrote in message
> > news:9B952496-60AC-41DF-B755-D362C1EBDC1E@xxxxxx Quote:
> >>I have seen quite a few posts regarging configuring it, but not disabling
> >>it
> >> completely, so i was hoping someone might have a few ideas of pieces of
> >> it
> >> that i could block or disable that would make the process difficult to
> >> implement.
> >>
> >> Thanks
> >>
> >> "Richard G. Harper" wrote:
> >>
> >>> Search Microsoft's TechNet and MSDN resources for Active Directory and
> >>> BitLocker - there are many documents available on this subject including
> >>> a
> >>> guide to configuring BitLocker through Active Directory.
> >>>
> >>> --
> >>> Richard G. Harper [MVP Shell/User] rgharper@xxxxxx
> >>> * NEW! Catch my blog ... http://msmvps.com/blogs/rgharper/
> >>> * PLEASE post all messages and replies in the newsgroups
> >>> * The Website - http://rgharper.mvps.org/
> >>> * HELP us help YOU ... http://www.dts-l.org/goodpost.htm
> >>>
> >>>
> >>> "Whitefearn" <Whitefearn@xxxxxx> wrote in message
> >>> news:887FDF34-97F1-4BED-BFF2-2F8EC82B982A@xxxxxx
> >>> > We do not want to use bit locker in our company, and don't want the
> >>> > rogue
> >>> > person to setup bitlocker and us not be able to recover data for them.
> >>> >
> >>> > Is there a way to completly disable the bitlocker options though a
> >>> > GPO?
> >>> >
> >>> > Thank you
> >>> > > >