# Advanced Insights "BitLocker" Dashboard

*Applies to: Patch My PC Advanced Insights*

{% hint style="info" %}
The BitLocker dashboard requires the following hardware inventory classes to be enabled:

* BitLocker (Win32\_EncryptableVolume)
* BitLocker Encryption Details (Win32\_BitLockerEncryptionDetails)
* BitLocker Policy (Win32Reg\_MBAMPolicy)
* TPM (Win32\_TPM)
  {% endhint %}

For full functionality of this dashboard, MBAM should be integrated with ConfigMgr as outlined in this document:<https://learn.microsoft.com/en-us/mem/configmgr/protect/deploy-use/bitlocker/deploy-management-agent>

This will ensure the BitLocker Unmanaged and Recovery at Risk statistics are populated.&#x20;

The top row of statistics help to identify where configuration errors may be causing compliance issues.&#x20;

<figure><img src="/files/k9qi9hRzUOVcTdKmI9gW" alt=""><figcaption><p>BitLocker compliance stats</p></figcaption></figure>

The first statistic, "BitLocker Unmanaged" shows Computers which have a BitLocker Encrypted Operating System Drive but are not under the control of a Configuration Manager or integrated MBAM Agent Management Policy. These devices may not conform to the required standard and will not report compliance.

Recovery at risk lists computers which have a BitLocker Encrypted Operating System Drive but have not yet escrowed a recovery key into the Configuration Manager database. You may be unable to access these devices in the event of a BitLocker Recovery prompt.

Inactive TPM portable devices lists laptops machines which do not show an activated TPM chip.

Non-Compliant Computers shows BitLocker Encrypted computers which do not conform to the BitLocker policies set in your environment. Clicking through will show the compliance conflicts:

<figure><img src="/files/m71t99WjUl7BNnfmqIvq" alt=""><figcaption><p>Compliance failures</p></figcaption></figure>

The row of donut charts show the BitLocker status for all workstation clients (off, on, suspended or unknown). We show the BitLocker Cipher in use by the clients (this requires the MBAM integration listed above). We show the TPM version of the clients and the TPM Status (Activated, Enabled, Unknown). TPM "Enabled" is ready for activation by the OS, but is not currently in use.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.patchmypc.com/patch-my-pc-insights/dashboard-guides/advanced-insights-security-and-compliance-dashboard/advanced-insights-bitlocker-dashboard.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.