|
| ▲ | IrishTechie 11 minutes ago | parent | next [-] |
| We have more issues with FileVault than we do with BitLocker, the latter being a fleet 5 times larger than the former. I find both “fine” for enterprise. |
|
| ▲ | john_strinlai 2 hours ago | parent | prev | next [-] |
| >if by "great" you really mean "fine". no, i mean great. managing a fleet of 100+ laptops with bitlocker is a breeze. its so seemless that the users don't even realize its enabled (i.e. no UX issues, at all). on the other hand, i am not managing 100+ laptops that use veracrypt. sounds absolutely awful. i've never managed an apple fleet, so i can't speak to that, and will take your word on it. for personal use, i do not recommend bitlocker (or windows, really), but for already-windows enterprises? absolutely |
|
| ▲ | dcrazy an hour ago | parent | prev | next [-] |
| FileVault absolutely has an optional iCloud Keychain escrow. That’s how the “unlock with Apple Account” feature works. Apple doesn’t have the keys for iCloud Keychain, but it is still stored in iCloud. |
|
| ▲ | Arainach an hour ago | parent | prev | next [-] |
| Veracrypt is more difficult to set up - whether on one machine or a fleet. Bitlocker is a few buttons in the UI, configurable via Group Policy, and so much more. What is brittle or awkward? |
|
| ▲ | j16sdiz an hour ago | parent | prev [-] |
| > Filevault for MacOS (which is wonderful and never sends your key to be kept somewhere else) Did you read the documentation? https://support.apple.com/guide/mac-help/protect-data-on-you... "iCloud account: Click “Allow my iCloud account to unlock my disk” if you already use iCloud. Click “Set up my iCloud account to reset my password” if you don’t already use iCloud." https://developer.apple.com/documentation/devicemanagement/f... "FileVault Full Disk Encryption (FDE) recovery keys are, by default, sent to Apple if the user requests them. Only one payload of this type is allowed per system." |