Update bitlocker-management-for-enterprises.md

2025-05-18 16:27:22 +00:00 · 2022-12-02 15:09:31 -08:00 · 2022-12-02 15:09:31 -08:00 · e149c6257e
commit e149c6257e
parent 3270c5b20b
1 changed files with 6 additions and 0 deletions
--- a/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md
@ -37,6 +37,12 @@ Starting with Windows 10 version 1703, the enablement of BitLocker can be trigge

 For hardware that is compliant with Modern Standby and HSTI, when using either of these features, [BitLocker Device Encryption](bitlocker-device-encryption-overview-windows-10.md#bitlocker-device-encryption) is automatically turned on whenever the user joins a device to Azure AD. Azure AD provides a portal where recovery keys are also backed up, so users can retrieve their own recovery key for self-service, if necessary. For older devices that aren't yet encrypted, beginning with Windows 10 version 1703, admins can use the [BitLocker CSP](/windows/client-management/mdm/bitlocker-csp/) to trigger encryption and store the recovery key in Azure AD. This process and feature is applicable to Azure Hybrid AD as well.

+Note:
+Managing BitLocker except for enabling and disabling it requires one of the following licenses to be assigned to your users:
+-Windows 10/11 Enterprise E3 or E5 (included in Microsoft 365 F3, E3, or E5)
+-Windows 10/11 Education A3 or A5 (included in Microsoft 365 A3 or A5)
+
+
 ## Managing workplace-joined PCs and phones

 For Windows PCs and Windows Phones that are enrolled using **Connect to work or school account**, BitLocker Device Encryption is managed over MDM, the same as devices joined to Azure AD.