New
#1
Interesting !
:)
None of the usual websites seem to have picked up on it, however during Ignite 2015 one of the architects has said that it will be possible for users to enable Bitlocker on Windows 10 phone devices. Previously Microsoft restricted it to corporate users as it needed to be enabled through Exchange ActiveSync (EAS) or Mobile Device Management (MDM), which normal users didn't have access to.
Source: 'Windows 10 for Mobile Devices: Secure by Design' (50:20 in):
https://channel9.msdn.com/Events/Ignite/2015/BRK3309
Although this is brilliant news and I'm happy that they're finally allowing users to enable it, I think it's still maybe a bit short-sighted, and here's why.
With Universal Apps about to totally change how people use software and 128GB MicroSD cards being affordable now, I can see people wanting to sync ALL their files, music collection, etc. between PC, OneDrive and phone so that their files are always available offline whereever they are and whatever device they're on. But unfortunately, if they want them safely encrypted this announcement only provides half a solution, as the speaker went on to say that Bitlocker for phone devices is still restricted to internal storage only, which means that unless they don't have much data, they're going to have to wait until devices come with more internal storage built-in before they can take advantage of it.
Even then though, I can't help thinking a Bitlocker encrypted MicroSD card would be a better place to store OneDrive/user files on a phone, so that when someone gets a new device they can just swap the card over to the new device, enter the Bitlocker password and all the files are there ready (assuming it isn't locked to the phones TPM and recovery key required). Maybe there's a technical reason they don't want to go down this route, I don't know.
It's no surprise though - even the basic version of Windows 8.1 has device encryption for devices which meet the InstantGo spec (which tends to be things with solid state storage like tablets), which uses Bitlocker technology, so I'd have been surprised if they'd done anything else.