![microsoft bitlocker download windows 8.1 microsoft bitlocker download windows 8.1](https://kafaak.blog/wp-content/uploads/2019/07/windows-10-bitlocker-featured-1.jpg)
This policy has known issues that may lead to certain built-in devices (network, audio, etc) not working, or a slow system boot, in Windows 10 1709. The Disable new DMA devices when this computer is locked policy under Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption can be set to Enabled or Not Configured.
![microsoft bitlocker download windows 8.1 microsoft bitlocker download windows 8.1](https://i.ytimg.com/vi/Wxo5XqApryc/maxresdefault.jpg)
A value of 6 aligns with the Mobile Device Fundamentals Protection Profile. The Configure minimum PIN length for startup policy under Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives can be set to 6 or higher instead of 7.BitLocker is not used for Data Loss Prevention in DoD. The Deny write access to removable drives not protected by BitLocker policy under Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Removable Data Drives can be set to Not Configured instead of Enabled.AES-CBC 256-bit is allowed so operating system releases before Windwill be able read the encrypted media. The Choose drive encryption method and cipher strength (Windows 10 and later) > Select the encryption method for removable data drives policy under can be set to XTS-AES 256-bit or AES-CBC 256-bit instead of just AES-CBC 256-bit.NSA Cybersecurity recommends using the newest BitLocker settings in the Microsoft Windows Security Baseline, available in the Security Compliance Toolkit, with the following modifications: