Microsoft's BitLocker is an endpoint encryption option.
$100
One Time Fee
Microsoft Defender for Endpoint
Score 8.9 out of 10
N/A
Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.
Honestly, when we started out with BitLocker, there was a lot of pain points and certain "features" that were really bugs for us, if we plugged a laptop into a dock and started it, then starting it without a dock would lock the machine. Those things were eventually fine-tuned …
It is well suited especially for users that access or store sensitive/confidential data on their computers. In the case of where users are accessing confidential data over the network, it is highly recommended to use Bitlocker to encrypt the computer. In the case where users are storing confidential data on their computer, it should be a requirement that BitLocker is used/enabled. It would be less appropriate if someone was using a computer and they were not dealing with any sensitive data, or in cases where the computer is used for recreational purposes (browsing the web, playing games, etc).
Microsoft Defender for Endpoint is easy to deployed across the entire organization. Having a cloud based solution with a single pane of glass to manage all assets is a real no-brainer. Being able to receive immediate alerts when suspicious activity occurs is extremely helpful in keeping risks at a minimum. Microsoft Defender for Endpoint management is also smart enough to not send several alerts when an attack could be hitting multiple targets within a certain time frame or when it's the same attack multiple times. However, be prepared to click through multiple pages all over the site to figure out what happened when an attack occurs.
One, it's crazy lightweight, so compared to some of the competitors that we also have used with our security services, it's really lightweight and so I don't have a lot of overhead on the system that it's running on.
Even if it's the best we tested, I think write performance could be improved. Maybe with dedicated hardware inside the TPM?
No integration with OS password is a shame as most others have it and it is Microsoft on Microsoft so they can probably do it better then anyone else and safer.
I wish they would support multiple passwords like FileVault on macOS. If it's a shared computer, you have to give the only password to Bitlocker to both users.
Cost add-ons for Security features is nickel and diming the process to keep pace with cybercrime. Limited Education budgets require us to be more pro-active in finding cost-effective measures to protect our devices, staff and students. Defender is a strong, well-featured product that is pricing itself out of the education market
It offers multiple security features and integrates well with Microsoft ecosystems. A workflow for threat detection, investigation, automated remediation, and a centralized dashboard is an added advantage. This application is mainly designed for experienced users; new users may feel challenged.
Microsoft Defender for Endpoint chugs along just fine no matter what we throw at it and what systems it's running on. It doesn't take up a lot of resources either, so that's welcomed.
Not good nor bad, BitLocker encryption is a symptom of our era, we need to protect ourselves and our data, BitLocker is a tool, as an IT we have to deal with it but it doesn't bring any benefit to my daily operations.
The first time I tried to onboard my macOS endpoints to MDE I struggled for quite a bit. I had to reach out to Microsoft's MDE support team. The tech was very helpful in walking me through the steps during a screen share session
Deployment was handled by our team here and everything went pretty smoothly. We did have a few hiccups in our test group, but that only took a bit to get ironed out.
BitLocker Drive Encryption solution offering is cheaper than the one that McAfee offers, it will help you with specific business concerns like "how many encrypted assets do I have?" it's easy to maintain, easy to deploy, and easy to track. It's best suited for companies that are not trying to go far away on the disk encryption matter
Defender is far easier to deploy and manage than Sophos and tends to work without as many issues. The threat assessment portal provides an in-depth view of the organization's security posture, whereas Sophos only shows the patching status of the PCs. We did need Intune to get many of the control features (disabling USB drives) that Sophos offered out of the box.
The biggest positive impact it has on ROI is the cost savings, since there is no cost to using the software.
Since it's widely available to anyone with a Windows computer, and the program is built into the operating system, there is no need to really install anything. This helps to save time of the IT department having to do installs, and also keep track of licensing, etc.
