Is anyone using BDE in an enterprise ervironment? I might be wrong but I have noticed some things. 1. I have not found a passsword policy to force the password change every 90 days. 2. If someone steals the laptop and uses a piece of software to crack the local admin password they can see all the contents of the encrypted drive. 3. If the users have admin rights you have to create a policy that will hide the bitlocker icon in the control panel so it can't be disabled you would also have to password protect the bios so tpm could not be turned off or cleared. 4. Can BDE be set to a pre-boot screen? Any advice is appreciated.