Organizations frequently use encryption as an extra measure for servers posing a security risk. Data theft, loss or discovery can be prevented by using encryption, and Windows BitLocker is one option Windows admins should consider.
BitLocker is a tool that encrypts all user and system files on a hard drive. Once deployed, authentication allows access to the encrypted data and to boot up Windows servers. Windows Server 2012 can use the native BitLocker utility to encrypt data on a server's disk and ensure a server's integrity.
In this FAQ, Stephen Bigelow takes on issues prospective Windows BitLocker users may come across and what to expect from this encryption tool in Windows Server 2012.
Follow us on Twitter @SearchWinServer.
Why should I use BitLocker in Windows Server 2012?
BitLocker is available in all Windows Server 2012 versions (plus Windows 8 Enterprise and Pro) to secure system and user files. It has an easy installation process and supports multiple access methods. Plus, Microsoft says BitLocker encryption has a small performance penalty at only 10% or less.
What server requirements are needed to use Windows BitLocker?
There are no excessive or unusual requirements to use BitLocker in Windows Server 2012. These are the three requirements, all of which are relatively easy to meet: a server with a trusted module platform to ensure the system's integrity, an evaluation of the system's BIOS and two partitions provided by the encrypted drive.
What are the best ways to use the BitLocker recovery options?
There are two recovery options in Windows Server 2012: Suspend or Decrypt. If you want to stop using BitLocker all together, it's best to use Decrypt, which decrypts all of the data and disables BitLocker. It's also good to know that some software upgrades may require drives to be suspended or decrypted before installation to prevent any BitLocker interaction issues.