USB Flash Drives and BitLocker - Centralized Management

Discussion in 'Software' started by PEBKAC, Nov 8, 2013.

  1. PEBKAC

    PEBKAC Private First Class

    Not sure where to go with this question because it's more than just "hardware" or "software". I hope it's okay that I'm dropping it in "The Lounge"...

    The organization I work for has several hundred McAfee MFE Standard Encrypted USB devices (Gen II / USB-ST02) that were discontinued in 2012 (EOL). I am looking for alternative solutions and am wondering if Microsoft's BitLocker would be a suitable replacement for flash devices, portable hard drives, and the like. It looks like BitLocker can be centrally administered through SCOM but I don't know if the management component works with portable devices.

    Going forward, I would like to avoid having to use proprietary hardware, such as IronKey. However, with several hundred encrypted devices, I can't forfeit centralized management. This rules out solutions like TrueCrypt. If BitLocker works, it could be a triple win for me, in that it would (a) free me from proprietary hardware, (b) still allow centralized management, and (c) not require my employer to purchase additional software and/or hardware through a third-party.

    The only drawbacks I see with a centrally managed BitLocker solution for removable media (assuming it is possible) is that the encrypted device would be inaccessible on any operating system that is not in the Microsoft family. Also, for Windows XP and Windows Vista, support is only provided using a Microsoft provided add-on reader (allowing read-only access).

    Is anyone using BitLocker for encryption and centralized management of flash drives? If so, what's your opinion of the solution? Does anyone have any fresh ideas on a centrally managed encryption solution for portable storage devices?

    Thanks for any and all responses!

    Sources:

    Microsoft BitLocker Administration and Monitoring (MBAM)
    http://www.microsoft.com/en-us/windows/enterprise/products-and-technologies/mdop/mbam.aspx

    Microsoft System Center Operations Manager Management Pack for Microsoft BitLocker Administration and Monitoring (SCOM and MBAM)
    http://www.microsoft.com/en-us/download/details.aspx?id=26796

    Microsoft Desktop Optimization Pack (MDOP)
    http://www.microsoft.com/en-us/windows/enterprise/products-and-technologies/mdop/default.aspx

    Encrypt Removable USB Drives with BitLocker To Go on Windows 7 (Standalone)
    http://technet.microsoft.com/en-us/magazine/dd490967.aspx

    BitLocker To Go Reader (Windows XP/Vista read-only Support)
    http://www.microsoft.com/en-us/download/details.aspx?id=24303
     
    PEBKAC, Nov 8, 2013
    #1

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds