Manage Keys and Encrypt Machines with DriveStrike

Windows BitLocker Encryption

Windows BitLocker Encryption is easy to set up with DriveStrike, and it is a simple and effective way to encrypt and protect your fleet of Windows machines. Below you will find some information and instructions to help you get a good idea of how DriveStrike enables you to configure BitLocker integration and keep devices secure, all from one central console.

Start a free trial to start encrypting your Windows machines and managing keys through DriveStrike, and feel free to contact us if you have questions or need any help. If you have a large number of machines, check out our Windows Mass Deployment guide for setting up DriveStrike.

DriveStrike Encryption

Encrypt on Command

To enable BitLocker on a machine, simply click on that device and select “Encrypt” from your available actions in the top right of the device page. As long as BitLocker is supported on the device, the encryption process will begin immediately.

DriveStrike Key Management

Escrow Keys

DriveStrike retains a copy of the recovery key file for all machines that have BitLocker enabled through DriveStrike. This ensures that administrators have an encryption key to unlock encrypted data when needed.

DriveStrike Remote Lock

Rotate Keys & Lock

When a key rotation occurs, DriveStrike creates new BitLocker keys and deletes its previous keys, and triggers a reboot. You will need to use one of the newly-created keys shown on the Device page to allow the computer to continue booting.

DriveStrike BitLocker Persistence

Persist BitLocker

DriveStrike administrators have the option to persist BitLocker, which means that even if administrative user disables BitLocker on their machine, DriveStrike will automatically re-enable BitLocker.

Start Your Free 30-Day Trial

Your organization needs simple and wide-reaching solutions to combat daily security challenges. DriveStrike helps you protect your most critical data with premium quality endpoint security.

Encrypt Windows devices you manage

BitLocker Integration Overview

With DriveStrike’s Windows BitLocker integration, deploying and enabling whole drive encryption has never been easier. DriveStrike provides added data security at no additional cost while easing the deployment and management of encryption keys. DriveStrike supports BitLocker deployment and encryption for Trusted Platform Module (TPM) devices as well as older, non-compliant hardware.
DriveStrike for Windows

Windows Remote Encryption Pre-requisites:

  • Windows 8 or 10 with a valid BitLocker license.
  • BitLocker is available on Windows Pro, Ultimate, Enterprise, and Education editions.

DriveStrike will confirm BitLocker availability upon device registration, and display “Enable” in the DriveStrike Device Details page for supported devices.


Selecting “Enable” on the DriveStrike Device Details page encrypts all your physical internal hard drives and escrows a recovery start up key file that can be used to boot the machine and access the encrypted data. DriveStrike reports the progress of drive encryption in the Details section of the Device page.

Devices that are encrypted will be noted in the Dashboard with the following icon:‎ ‎ ‎ DriveStrike-Encryption-Icon


Encrypt a Windows Device in 3 Easy Steps:

1. Log In to DriveStrike

When you log in to your account, your Dashboard will show you all the devices you manage at a glance. You can search for the device if you manage a large number of devices.

2. Click on the Device

On the Device Page, you will see information about the device, available actions, and a history of actions. You can also see a map showing the last known location of the device.

3. Click “Enable”

DriveStrike will encrypt the device’s hard drive and escrow keys. A link to download the recovery key for each encrypted drive is displayed in the Device Details section.