The best way to enable Bitlocker via Intune

Lger-3439 166 Reputation points
2023-03-28T14:26:47.19+00:00

Hi experts,

We are moving our Windows 10 device from on-promise SCCM to Intune now. We want to know how many ways to enable Bitlocker using Intune. What is the best one or your recommendation?

Microsoft Intune Configuration
Microsoft Intune Configuration
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Configuration: The process of arranging or setting up computer systems, hardware, or software.
1,881 questions
0 comments No comments
{count} votes

3 answers

Sort by: Most helpful
  1. Rudy Ooms 611 Reputation points MVP
    2023-03-28T15:59:17.1633333+00:00

    It depends.... you can do so by using a powershell script or just the build in options (endpoint security) or a device configuration profile.

    A lot of options :)

    0 comments No comments

  2. Jordan Millama 1,341 Reputation points
    2023-03-28T17:32:14.38+00:00

    We use a Disk encryption policy/profile (what used to be a device configuration profile) along with a compliance policy to implement and enforce Bitlocker on our devices.

    You will now create one in Endpoint Manager > Endpoint security > Disk encryption > Create Policy

    Here's ours for an example:

    User's image


    Please accept as an answer if this was helpful.

    0 comments No comments

  3. Simon Ren-MSFT 33,456 Reputation points Microsoft Vendor
    2023-03-29T01:33:04.53+00:00

    Hi,

    Thank you for posting in Microsoft Q&A forum.

    The following two policy types are most commonly used to configure BitLocker on Windows devices in Intune. You can choose either one according to your organization.

    1,Endpoint security disk encryption policy for BitLocker. The BitLocker profile in Endpoint security is a focused group of settings that is dedicated to configuring BitLocker.

    2,Device configuration profile for endpoint protection for BitLocker. BitLocker settings are one of the available settings categories for Windows 10/11 endpoint protection.

    For more information, please refer to the official article:

    https://learn.microsoft.com/en-us/mem/intune/protect/encrypt-devices

    Thanks for your time. Have a nice day!

    Best regards,

    Simon


    If the response is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    https://docs.microsoft.com/en-us/answers/articles/67444/email-notifications.html

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.