Windows 7, Microsoft’s latest snazzy operating system, comes pre-installed with BitLocker for its Enterprise and Ultimate editions. BitLocker is a hard drive encryptions feature which is meant to help business users and customers who pay a premium enjoy a greater sense of security. BitLocker uses a combination of AES encyption in CBC mode and the Elephant diffusor to protect data. According to Microsoft TechNet, “BitLocker protects against data theft or exposure on computers that are lost or stolen, and offers more secure data deletion when computers are decommissioned.”
Unfortunately, that’s only part of the story; BitLocker isn’t quite as safe as Microsoft would like customers to think. In fact, just recently, software firm Passaware released a tool which can essentially crack the encryption! It also lacks a quite a few features that other providers offer and has several vulnerabilities. The BitLocker service is very new and fails to get any sort advantage over existing market leaders.
What Does Your Business Need?
If you’re managing an organization, you know that you have enough on your plate without having to worry about your computers’ security. You need a solution that works out-of-the box, a proven and successful encryption service which keeps your private information safe and won’t give you any trouble. You need a standalone feature which can’t be exploited and works without any overly complicated set-up.
More importantly, you need a service provider which specializes in its field. Using security companies that work exclusive on encryption technology grants many advantages. Security solution provider who’ve worked in the field for many years can offer a much more complete service than business that offer encryption as a bonus feature.
BitLocker’s Weakness
An analysis of BitLocker from WindowsSecurity.com summarizes our thoughts on the product:
For organizations that take security more seriously this technology still needs to mature substantially before being able to be used with confidence.
BitLocker’s greatest weakness is its integration with the Windows 7 operating system. Unlike our computer encryption software, which works alongside your OS, the BitLocker feature is coded directly into it, making the service less secure. BitLocker’s dependence on the operating system login credentials can be exploited, as can its complicated volume structure. BitLocker also inexplicably stores the Master Key (used for data recovery) unprotected on the hard drive. BitLocker also fails to automatically back up recovery information, meaning that the process has to be done manually.
If you’re serious about your company’s security, it’s a much better idea to go with the full disk encryption we offer. We go beyond BitLocker’s capacities, fixing all of its quirks and providing customers with additional support. For example, we offer a 24/7 remote password reset service, something BitLocker has never even considered. It’s unsurprising that’s the Pointsec technology we offer is certified and can be used by governments or the military, while BitLocker has no 3rd party certification. In business, it’s best to play it safe and choose a product with a 20 year history and proven record, rather than experiment with an inferior one.
Further Reading
BitLocker Drive Encryption [Microsoft TechNet]
First commercial tool to crack BitLocker arrives [ars technica]
Endpoint Encryption – Is BitLocker Enough? [WindowsSecurity]
