Microsoft's BitLocker is an endpoint encryption option.
$100
One Time Fee
Microsoft System Center Operations Manager (SCOM)
Score 6.8 out of 10
N/A
Microsoft's System Center Operations Manager (SCOM) is a monitoring and application performance management option, with the core datacenter and cloud-based systems monitoring.
It is well suited especially for users that access or store sensitive/confidential data on their computers. In the case of where users are accessing confidential data over the network, it is highly recommended to use Bitlocker to encrypt the computer. In the case where users are storing confidential data on their computer, it should be a requirement that BitLocker is used/enabled. It would be less appropriate if someone was using a computer and they were not dealing with any sensitive data, or in cases where the computer is used for recreational purposes (browsing the web, playing games, etc).
One of the biggest drawbacks to SCOM is the sheer scope and complexity of the system. This can be a pro and a con. The system is very customizable, what you put into it is what you'll get out of it. That said, the learning curve is fairly steep. An organization needs to be committed to putting time and resources into SCOM to get the most out of it. I've heard stories from colleagues of several different companies that invested in SCOM and then abandoned it due to the excessive time and care required.
SCOM is expensive. Not only is the enterprise licensing costly, SCOM requires it's own servers, operational and warehouse databases to be maintained.
The OOB SCOM reports are a bit clunky and feel outdated.
I give it a nine because encryption always leaves room for improvement, and it must change as security threats evolve and improve, and having an ever-evolving system is essential.
BitLocker Drive Encryption solution offering is cheaper than the one that McAfee offers, it will help you with specific business concerns like "how many encrypted assets do I have?" it's easy to maintain, easy to deploy, and easy to track. It's best suited for companies that are not trying to go far away on the disk encryption matter
We used Altiris and WSUS and in the beginning Altiris had the better admin interface than SCOM, but it is no longer the case as SCOM has refined their admin interface. Altiris still has better and more robust group assignments for management roles and those two other tools can better manage non Windows OS devices than SCOM but for a large enterprise Windows shop, if you can afford it, SCOM is the way to go.
