Microsoft BitLocker Administration and Monitoring (MBAM) 2.5 provides a simplified administrative interface that you can use to manage BitLocker Drive Encryption. You configure MBAM Group Policy Templates that enable you to set BitLocker Drive Encryption policy options that are appropriate for your enterprise, and then use them to monitor client compliance with those policies. You can also report on the encryption status of an individual computer and on the enterprise as a whole. In addition, you can access recovery key information when users forget their PIN or password or when their BIOS or boot record changes.
A TPM is a special chip that runs an authentication check on your hardware, software, and firmware. If the TPM detects an unauthorized change your PC will boot in a restricted mode to deter potential attackers.
NOTE: To determine if you have a TPM enabled, check the device manager and look for a Security Devices section. If you don't see one listed, there might still be one on your system, but it might be disabled and need to be enabled in you computers BIOS.
MBAM 2.5 has the following features:
MBAM enforces the BitLocker encryption policy options that you set for your enterprise, monitors the compliance of client computers with those policies, and reports on the encryption status of the enterprise’s and individual’s computers. In addition, MBAM lets you access the recovery key information when users forget their PIN or password, or when their BIOS or boot records change.
There is no cost for this service.
June 23, 2016