Accessing an encrypted server / protected folders via VPN

I am thinking of purchasing a Windows server (2016 Essentials) for our small office. Among other things, it would serve as a central file repository, accessible to PC users in the LAN, as well as outside PC users that VPN into the office network.

The files would be in username/password-protected folders. To further protect data in case of physical theft of the server (somewhat unlikely but just in case….), I would like to encrypt the server using Bitlocker.

Given the above, is it possible to set up things so that VPN users (using Windows 10 Pro PCs) can access the encrypted drive and protected folders without having to type in encryption key, and folder username / password every time ?

I’d appreciate comments from anyone who has experience of this.

Thanks in advance !
Paul McCabeAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

McKnifeCommented:
To protect it with bitlocker is always a good idea if physical access by unauthorized people is possible.
However, for servers, you need to understand that they should be able to reboot hands-free - when bitlocked, they will need someone to enter the key unless you are able to use a TPM chip as protector.
->find out if your server is equipped with a TPM or can be equipped with one (that is: if a TPM header is part of the mainboard).
0
Paul McCabeAuthor Commented:
Yes, the server is equipped with a TPM chip.
0
Paul McCabeAuthor Commented:
...although it is no problem to manually input the encryption key if it becomes necessary for some reason.
0
McKnifeCommented:
Ok, then consider bitlocker a good option. Bitlocker has no impact on share access, so your shares, will be protected by the NTFS permissions that you set.
1

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Paul McCabeAuthor Commented:
That is good news, thanks a lot. Appreciate the advice !
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2016

From novice to tech pro — start learning today.