Accessing an encrypted server / protected folders via VPN

I am thinking of purchasing a Windows server (2016 Essentials) for our small office. Among other things, it would serve as a central file repository, accessible to PC users in the LAN, as well as outside PC users that VPN into the office network.

The files would be in username/password-protected folders. To further protect data in case of physical theft of the server (somewhat unlikely but just in case….), I would like to encrypt the server using Bitlocker.

Given the above, is it possible to set up things so that VPN users (using Windows 10 Pro PCs) can access the encrypted drive and protected folders without having to type in encryption key, and folder username / password every time ?

I’d appreciate comments from anyone who has experience of this.

Thanks in advance !
Paul McCabeAsked:
Who is Participating?
 
McKnifeConnect With a Mentor Commented:
Ok, then consider bitlocker a good option. Bitlocker has no impact on share access, so your shares, will be protected by the NTFS permissions that you set.
1
 
McKnifeCommented:
To protect it with bitlocker is always a good idea if physical access by unauthorized people is possible.
However, for servers, you need to understand that they should be able to reboot hands-free - when bitlocked, they will need someone to enter the key unless you are able to use a TPM chip as protector.
->find out if your server is equipped with a TPM or can be equipped with one (that is: if a TPM header is part of the mainboard).
0
 
Paul McCabeAuthor Commented:
Yes, the server is equipped with a TPM chip.
0
 
Paul McCabeAuthor Commented:
...although it is no problem to manually input the encryption key if it becomes necessary for some reason.
0
 
Paul McCabeAuthor Commented:
That is good news, thanks a lot. Appreciate the advice !
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.