Managing BitLocker across a distributed Windows fleet shouldn’t be a gamble. MSPs need predictable encryption, accurate reporting, safe key handling, and tools that prevent technicians from making costly mistakes. That’s exactly why BitLocker for Automate continues to evolve — and the latest updates deliver the most stable, intelligent, and technician‑friendly version yet.
This release focuses on three core goals:
- Make encryption management safer
- Make technician workflows clearer and more intuitive
- Ensure data accuracy across every device and every operation
If your MSP relies on ConnectWise Automate to manage Windows endpoints, this update brings meaningful improvements that reduce risk, eliminate confusion, and strengthen compliance.
A Cleaner, More Informative Technician Experience
Technicians now get clearer, more actionable information the moment they open a device:
- Instant volume state detection (Locked, Unlocked, Suspended)
- Color‑coded status labels for quick visual recognition
- Automatic clearing of old messages when switching volumes
- Accurate button states that reflect the actual BitLocker condition
This reduces the cognitive load on helpdesk staff and ensures they always know what action is safe to take next.
Safety‑First Locking: No More “Hope for the Best”
Locking a BitLocker‑protected drive without a valid unlock method is one of the fastest ways to create a disaster. The updated BitLocker for Automate plugin now prevents that scenario entirely.
Before a lock command is allowed, the plugin verifies:
- A valid password or recovery key exists
- The stored KeyProtectorId matches the live system
- The database and endpoint are in sync
If anything looks unsafe, the plugin stops the operation and tells the technician what needs to be fixed first.
This is encryption management with guardrails — exactly what MSPs need.
Unlocking That Just Works
Unlock operations now automatically choose the best available credential:
- Uses a password if one exists
- Falls back to a recovery key
- Stops cleanly if no credential is available
No more trial‑and‑error. No more digging through notes or tickets. Just predictable unlock behavior every time.
More Reliable BitLocker Enablement
Enabling BitLocker is one of the most complex operations for MSPs, and this update makes it significantly more resilient:
- Detects and repairs stale or missing protectors
- Ensures a recovery key is always created and escrowed
- Adds missing protectors automatically
- Detects XTS cipher support and adjusts based on OS version
- Surfaces TPM reboot requirements with a clear “Reboot Computer” option
This reduces failed encryption attempts and ensures every device ends up in a compliant state.
Key Protector Removal That Respects BitLocker Rules
The plugin now understands when BitLocker is actually enabled and adjusts its behavior accordingly:
- If a drive is encrypted, it protects the “anchor protector”
- If a drive is decrypted, it removes protectors directly
- It avoids unnecessary or redundant commands
This leads to cleaner operations and fewer technician mistakes.
Cleaner, More Accurate Data — Automatically
After any operation, the plugin now performs intelligent cleanup:
- Removes stale volume records
- Removes stale protector records
- Ensures cleanup is scoped to the correct device
- Avoids wiping data when the agent returns incomplete results
Your Automate database stays accurate without manual intervention — a huge win for long‑term reliability.
A More Modern, Visual Drive List
The Manage Client view now uses a modern ListView with drive icons, making it easier to distinguish encrypted vs. unencrypted volumes at a glance. It’s a small UI improvement with a big usability impact.
Thread‑Safe UI for Long‑Running Operations
All UI updates now run through proper thread‑safe patterns, eliminating cross‑thread exceptions and improving reliability during:
- Encryption
- Scanning
- Protector updates
- Unlock/lock operations
This results in a smoother, more stable experience for technicians.
BitLocker for Automate: Built for MSPs Who Need Reliability
This update represents a major step forward in safety, clarity, and operational consistency. BitLocker for Automate is now more:
- Predictable — technicians always see the right action
- Safe — operations are validated before execution
- Accurate — data stays clean and trustworthy
- Efficient — fewer manual steps, fewer surprises
- Scalable — built for MSP environments with hundreds or thousands of endpoints
If your MSP manages Windows devices, BitLocker for Automate gives you the confidence and control you need to enforce encryption policies at scale — without the risk.
For licensing, documentation, or support, visit plugins4automate.com.
