Windows disk encryption through Systems Manager?

MrLeoChan
Comes here often

Windows disk encryption through Systems Manager?

I know for OSX, there is an option in the Systems manager to select FileVault. Does Windows have an option for that? If not, what programs are you using? Bitlocker?

17 Replies 17
PhilipDAth
Kind of a big deal
Kind of a big deal

We only use BitLocker.

felix_fx2
Conversationalist

I am using bitlocker, nope Systems manager has no option to enforce bitlcker nor can it monitor.

I am suffering due to it.

Can you control it via group policy?

Don't have a AD, Local group policy is not dependable and no visibility/reporting.

What about sending a command to every machine to turn on Bitlocker? If they have it enabled already nothing will happen. Otherwise it will turn it on.

I think the command would be something like:
manage-bde -on
or perhaps it might be safer to do:
manage-bde -on c:

Do this on a test machine first!

Here is some more info about the process:
https://docs.microsoft.com/en-us/windows/device-security/bitlocker/bitlocker-use-bitlocker-drive-enc...

I am already rolling out via another tool i have (a script agent), couldn't wait.
Now this is Geared towards reporting and enforcing, comparing with whats there for OSX in meraki MDM

 

on my wish list is systems that are enforced have the bitlocker recovery key escrowed to dashboard (instead of AD)

 

Are you by chance using Office 365?

we are powered by Google

Following topic as I would also love a solution to this. I am in the same boat as we are powered by google. @felix_fx2 did you manage to get any decent solution in place?
PatrickL
Meraki Alumni (Retired)
Meraki Alumni (Retired)

Hi everyone,

 

We have an early beta version of BitLocker management in testing right now. If anyone is interested in providing feedback, please fill out this form and we'll reach out if we see a match!

Beam me up scotty !

Is Meraki close to a production release of Systems Manager to support BitLocker?

PhilipDAth
Kind of a big deal
Kind of a big deal

I don't know, but there was a BitLocker beta running last year.

We were told by our Rep that Meraki Systems Manager would manage and enforce BitLocker but that does not seem to be the case. We ended up using TruGrid BitLocker Management since it works whether or not you have Active Directory. TruGrid does not require any scripting and does not require GPO.

Kay

Not interested in paying for another application for Bitlocker management - SM should do this out the box.

 

@PhilipDAth You mentioned earlier in the thread O365 accounts - is there a workaround here?

T1
Building a reputation

The way they Bitlocker support is "implemented" right now, Meraki enables it and user is prompted to sign in with Microsoft account to store decryption key OR save decryption key to an external device so we had to disable it as it creates confusion.
GreenMan
Meraki Employee
Meraki Employee

An old thread, but people here may be interested in recently upgraded support for Bitlocker in Systems Manager, from Windows 10 v1803 onwards:   https://documentation.meraki.com/SM/Apps_and_Software/Windows_BitLocker_Encryption_with_Meraki_Syste...

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels