Educause Security Discussion
mailing list archives
Re: pointsec vs. Guardian Edge
From: Michael Sana <msana () HPU EDU>
Date: Fri, 12 Jan 2007 11:02:28 -1000
According to Microsoft:
"BitLocker can also be used without a TPM. To use BitLocker on a
computer without a TPM, you must change the default behavior of the
BitLocker setup wizard by using Group Policy, or configure BitLocker by
using a script. When BitLocker is used without a TPM, the required
encryption keys are stored on a USB flash drive that must be presented
to unlock the data stored on a volume." 
Directions on implementation with and without a TPM (although I have yet
to attempt this) can be found on the Microsoft TechNet site found here
Michael C. Sana
Information Security Officer
Information Technology Services Division
Hawai`i Pacific University
1166 Fort Street
Honolulu, Hawai`i 96813
Telephone: (808) 566-2422
Fax: (808) 566-2439
Email: msana () hpu edu
From: Roger Safian [mailto:r-safian () NORTHWESTERN EDU]
Sent: Friday, January 12, 2007 10:56 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] pointsec vs. Guardian Edge
At 02:38 PM 1/12/2007, Pettis, Frederick put fingers to keyboard and
The system needs to have a TPM (Trusted Platform Module) chip to
BitLocker. I think most new systems come with it.
You don't need a TPM (and remember, that's a TPM 1.2 chip...I've seen
systems recently for sale with a 1.1) chip, but you do get additional
options if you do have one.
It's not in most new systems, but many business class systems now come
with the chip.
I think it makes sense to make sure you have one, since it will open
up options if you do, and you don't have to use it.
Roger A. Safian
r-safian () northwestern edu (email) public key available on many key
(847) 491-4058 (voice)
(847) 467-6500 (Fax) "You're never too old to have a great childhood!"