Bitlocker

Microsoft BitLocker Administration and Monitoring (MBAM) 2.5 provides a simplified administrative interface that you can use to manage BitLocker Drive Encryption. You can configure MBAM Group Policy Templates that enable you to set BitLocker Drive Encryption policy options that are appropriate for your unit, and then use them to monitor client compliance with those policies. You can also report on the encryption status of an individual computer and on the unit as a whole. In addition, you can access recovery key information when users forget their PIN or password or when their BIOS or boot record changes.

AVAILABLE TO: Staff

FUNDED BY: University

MBAM 2.5 has the following features:

  • Enables administrators to automate the process of encrypting volumes on client computers across the enterprise
  • Enables security officers to quickly determine the compliance state of individual computers or even of the enterprise itself
  • Reduces the workload on the Help Desk to assist end users with BitLocker PIN and recovery key requests
  • Enables end users to recover encrypted devices independently by using the Self-Service Portal
  • Enables security officers to easily audit access to recover key information
  • Empowers Windows Enterprise users to continue working anywhere with the assurance that their corporate data is protected

MBAM enforces the BitLocker encryption policy options that you set for your enterprise, monitors the compliance of client computers with those policies, and reports on the encryption status of the enterprise’s and individual’s computers. In addition, MBAM lets you access the recovery key information when users forget their PIN or password, or when their BIOS or boot records change.

Requirements

  • Windows 7 Enterprise, Windows 8.1 Pro, Windows 8.1, or Windows 10 (Pro and Enterprise)
  • Two partitions
  • Trusted Platform Module (TPM) – (Not required for Windows 8.1 or 10 provided a PIN is set)

A TPM is a special chip that runs an authentication check on your hardware, software, and firmware. If the TPM detects an unauthorized change your PC will boot in a restricted mode to deter potential attackers.

NOTE: To determine if you have a TPM enabled, check the device manager and look for a Security Devices section. If you don’t see one listed, there might still be one on your system, but it might be disabled and need to be enabled in you computers BIOS.

NOTE: Please note that TPM 2.0 requires UEFI Secure Boot in order for BitLocker to work properly.

C-Stop, BSB

Monday - Friday, 8:00am - 7:00pm​​

1007 West Harrison Street, Behavioral Sciences Building (BSB), Learning Center, First Floor, Chicago, Illinois 60607

Service Level Agreement

Service Request Fulfillment Time 2-4 business days depending on the complexity of the request
Incident Resolution Time 3–5 business days depending on the complexity of the incident
Service Availability 24x7
Maintenance Window(s) Approved ACCC maintenance window(s)
Service Notification Channel(s) ACCC Service Notices, REACH distribution email list
Reviewed to Ensure SLA Meets Business Requirements Provisional SLA - Currently under IT Governance review
Date Reviewed Provisional SLA - Currently under IT Governance review
Service Owner: Ed Zawacki