Remotely Enable/Enforce Bitlocker & FileVault

Using JumpCloud® Policies, admins can remotely enable and enforce Windows® Bitlocker and Mac® FileVault full disk encryption (FDE). FDE is a buzzword being thrown around the IT industry a lot these days, but why is it important?

Why FDE is Important

FDE for Mac and Windows machines

In a day and age where data is invaluable, keeping it protected needs to be held in the same regard. This task is easier said than done; data can be accessed, and therefore compromised, in a variety of forms. One form that often falls unprotected is data at rest, that is, data available on a hard drive of a system like Mac, Windows, or Linux.

For servers and databases, there are several solutions on the market that IT admins can use to encrypt their data, protecting them in case of theft. Additionally, the act of physically stealing a server or database requires an Ocean’s Eleven level of heist, making them less of a target for data thieves. And, while there aren’t too many Brad Pitts or George Clooneys looking to get into AWS data centers physically, there are a lot of them looking to get in virtually and steal data.

Computers (laptop or desktop workstations), on the other hand, are much easier to swipe. Forbes reports that “one laptop is stolen every 53 seconds.” Even if the system itself is locked down, tech-savvy burglars can simply eject the system’s hard drive and pilfer the juicy data stored inside.

Due to this fallibility, Microsoft® and Apple developed Bitlocker and FileVault (respectively) as a way to lock down data when the hard drive is at rest. This full disk encryption became an industry standard for ensuring at rest data is kept safe. In fact, several compliance standards, such as PCI and HIPAA, require full disk encryption to achieve full compliance, and GDPR strongly recommends the practice.

The Trouble with FDE

Despite this, organizations have yet to widely implement and enforce Bitlocker and FileVault across their system fleets. While solutions exist on the market to enable the FDE programs, it is increasingly difficult to enforce, (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Zach DeMeyer. Read the original post at: https://jumpcloud.com/blog/fde-remote-enable-enforce-bitlocker-filevault/

Zach DeMeyer

Zach DeMeyer

Zach is a writer and researcher for JumpCloud with a degree in Mechanical Engineering from the Colorado School of Mines. He loves being on the cutting edge of new technology, and when he's not working, he enjoys all things outdoors, making music, and soccer.

zach-demeyer has 278 posts and counting.See all posts by zach-demeyer