I have a Windows Server 2012 R2 LAN that is working great. I recently have been given the task to encrypt the data at rest. I would like to use bitlocker, but all the documentation is for hyperglobalmegaplex level business.
My server doesn't have TPM, so I think a safety key (USB stick) would work, but for the clients..would I use safety key there? Is is possible to force all external media to be encrypted via AD keys?