alphaspirit - Fotolia
The BitLocker feature in Windows Server 2012 can help admins prevent data loss, theft or discovery by encrypting data on a server's disk. The feature supports several methods for access, such as an encryption key, that ensure the security of encrypted data and the server's integrity.
BitLocker installation requirements
Installing BitLocker is fairly simple, but there are certain caveats. While using a trusted platform module (TPM) is not required to install and use BitLocker, it is needed to tie local disks to their specific physical server, which prevents encrypted disks from being installed in other systems. Admins will also need to evaluate the system's BIOS, and two partitions.
BitLocker recovery options
There are two recovery methods for BitLocker in Windows Server 2012 -- Suspend and Decrypt -- that are used differently. When used with a TPM, the Suspend option keeps the disk encrypted but exposes the BitLocker key, while the Decrypt option fully decrypts all data on the drive and effectively disables BitLocker.
Protecting data with BitLocker encryption
BitLocker encryption can be installed using the Server Manager utility and will encrypt all user and system files on a hard drive. Once the feature is deployed the system will require proper authentication to access encrypted data and to boot Windows Server 2012.
Tighten up Windows 8 security with BitLocker
Using MBAM 2.0 to manage Windows BitLocker encryption across multiple computers
What are the best ways to use Windows BitLocker in Windows Server 2012?