Benefits of using Bitlocker on virtual fileserver?
Hi guys
We have a virtual fileserver 2012 R2 on Vmware. If I was to enable 'Bitlocker' on there, would it affect anything in terms of people's access to shared files etc?
Also, by enabling something like that would there be a benefit? I would assume that the whole point of it is if someone stole the systems and tried to access our information that they would have to enter a password to access the information on the disk? So my assumption is that Bitlocker on an external disk or laptop, yes, but on a virtual machine sitting on premises there's no need?
Thanks for helping
Yash
We have a virtual fileserver 2012 R2 on Vmware. If I was to enable 'Bitlocker' on there, would it affect anything in terms of people's access to shared files etc?
Also, by enabling something like that would there be a benefit? I would assume that the whole point of it is if someone stole the systems and tried to access our information that they would have to enter a password to access the information on the disk? So my assumption is that Bitlocker on an external disk or laptop, yes, but on a virtual machine sitting on premises there's no need?
Thanks for helping
Yash
John
Only persons with legitimate access to the VM should be using it, so trying to add bit locker to the VM will not add any practical security. Just restrict who has access.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
but on a virtual machine sitting on premises there's no need?
that depends on
1. Physical Security to your data centre ?
2. Administrators, which could download the virtual machine disk, access backups which also know the password, to enable bitlocker ?
do you trust your staff ?
ASKER
Thanks people. I already do encrypted backups which helps, but in terms of physical access, the servers sit in a locked room only accessible by members of I.T staff whom are my team and who I do trust fully, yes.
> the servers sit in a locked room only accessible by members of I.T staff whom are my team and who I do trust fully, yes.
basically, if you trust the IT staff, physical protection is perfectly fine. if you do have any concerns about physical security, including physical access and disk theft, then BitLocker is required or a must.
it's all about trust or confidence.
basically, if you trust the IT staff, physical protection is perfectly fine. if you do have any concerns about physical security, including physical access and disk theft, then BitLocker is required or a must.
it's all about trust or confidence.
Bitlocker doesn't hurt anything. MAYBE a slight (very slight) performance hit that odds are no one would notice.
Trust is great. *BUT* Trust changes. People who get married trust each other... until one (or both) betrays the other and they get a divorce...
Giving complete access, is unwise and encrypting it is wise. Unless you don't have any sensitive data... in any way. Then it really doesn't make a difference.
Trust is great. *BUT* Trust changes. People who get married trust each other... until one (or both) betrays the other and they get a divorce...
Giving complete access, is unwise and encrypting it is wise. Unless you don't have any sensitive data... in any way. Then it really doesn't make a difference.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I though i had read that Bitlocker'ing a Widows Server wasnt recommended...?
No, MS recommends to use BL anywhere. Problem with servers is, that those need to be able to reboot on their own, so you need a TPM chip and many old server models didn't have any (or server admins didn't understand that they need to buy an additional chip to fit on the solder ("TPM header") of their server board, first).