At my sessions at TechEd I tell a fictional story of the domain controller stored underneath the receptionists desk serving not only as a DC, but also as a stand for the water cooler. I know it’s an extreme example of branch office craziness, but it helps people understand the sensitivity of our domain controllers and the information that they hold. With the new Read Only Domain Controller role in Windows Server 2008, we significantly reduce the security risk if someone where to back a truck in through the glass window and drive off with our server. Well what about when I want to run things Virtually? What about the rest of the data on the server? How do we protect that? The answer my friends is Bitlocker!
Essentially bitlocker is an OS based feature that works with server hardware and firmware to provide secure OS boot and drive encryption. It’s designed to safeguard the integrity of the OS and data on your hard drive. So even if it’s stolen and put in another machine, your data is protected.
Now the guys over in the Virtualization and Bitlocker teams have published a step by step whitepaper on configuring Hyper-V with Bitlocker encryption. Give it a look and see how you can enhance the security of your branch office with this really cool technology.