Free SCCM Report: BitLocker and TPM Status Dashboard

October 2019’s free  System Center Configuration Manager (SCCM) report is BitLocker and TPM Status dashboard.

It goes without saying that companies manage a lot of data and this data must be kept secure at all times. Who wants to tell the CTO or President of your organization that the reason they are in the news or lost a big deal is because a laptop was stolen with important info on it? How can you guarantee that a stolen laptop won’t expose this information to the world? BitLocker of course!

BitLocker and TPM go hand-in-hand, so you need to ensure that both are enabled. How can you tell, though, what laptops are using BitLocker and if it is enabled? What about TPM? Not only do you have to ensure that both were setup correctly to begin with, but sometimes when testing or troubleshooting problems, admins turn one or the other off and forget to turn them back on.

Fortunately, with System Center Configuration Manager (SCCM) Current Branch you can inventory the state of both BitLocker and TPM. Unfortunately, there aren’t any built-in reports for you to run in order to review this data.

BitLocker and TPM Status Dashboard

With Enhansoft’s  BitLocker and TPM Status dashboard you can quickly see the number of computers that are completely protected. In addition, you can see how many computers either need BitLocker enabled or have a TPM issue.

Here’s a breakdown of each state by color:

Green = Protected

Yellow = BitLocker is Not Enabled on All Drives

Orange = BitLocker is Turned Off

Pink = BitLocker is Not Enabled

Red = TPM Issue

Protected means that the system is fully encrypted with BitLocker and TPM is correct.  

BitLocker is Not Enabled on All Drives means that TPM is setup and ready to use, but a computer has more than one drive within the system where at least one of the drives is not encrypted with BitLocker. Generally the solution is to enable BitLocker on all drives.

BitLocker is Turned Off means that TPM is setup and ready to use, but BitLocker is not turned on. The solution is to turn on BitLocker on all drives.

BitLocker is Not Enabled means that TPM is setup and ready to use and BitLocker is configured to be used, but as may be the case with servers, the BitLocker feature might not be installed (enabled). The solution is to install and configure BitLocker on all drives.

TPM Issue means TPM is either not installed on the computer or it is not enabled within the BIOS. The solution varies depending on the problem, but in some cases it could mean a hardware upgrade, i.e. replacing old computers with ones where TPM is installed.

As mentioned earlier, this dashboard leverages the inventory information of both TPM’s and BitLocker’s state from SCCM current branch.


Don't forget to subscribe to our Newsletter!

Enhansoft Reporting – BitLocker and TPM Status Dashboard

The BitLocker and TPM Status dashboard  is found within Enhansoft Reporting’s security category. This category of dashboards and reports provides you with all-important information about various security issues within your SCCM environment, such as BIOS and TLS settings.

The full set of BitLocker and TPM reports includes:

  • BitLocker and TPM Status Dashboard
  • List of Computers by BitLocker and TPM Status
  • Computer BitLocker and TPM Details

List of Computers by BitLocker and TPM Status


This report provides a list of computers by a specified BitLocker and TPM state. You can drill through from this report to the Computer BitLocker and TPM Details report.

Computer BitLocker and TPM Details


This report is divided into three major sections; the first section tells you about the computer itself. 

The second section tells you about the TPM status. This section is collapsed by default. Simply click on the text in order to expand the section. A green dot means that TPM has this state. Whereas a gray dot means that the TPM doesn’t have this state. For more details about each state, please see the Microsoft documentation.

The last section displays all of the computer’s drives along with each one’s BitLocker status. This section is also collapsed by default, so click on the text in order to expand it.

Are you looking for another SCCM report? Do you find that SCCM reporting is difficult? SCCM reporting shouldn’t be hard and with Enhansoft Reporting’s 150+ SCCM reports, sorted into 26 different categories, we make it easy for you!

We can’t possibly list all of the SCCM reports found in Enhansoft Reporting, but here are the 26 categories:

Applications and Packages
Computer Details
Configuration Manager Site
Endpoint Protection
ER Base Reports
Local Accounts and Groups
Mapped Drives
Mapped Printers
Microsoft Office
Mobile Device
Monitors (MIR)
Network Interface Controllers
Roles and Features
Software Inventory
Software Updates
SQL Server
System Enclosure
User Programs

Still not sure that we have the right SCCM report for you? Just ask and we will be more than happy to help you out! Send a note to

All of our free SCCM reports have the Role-Based Administration (RBA) feature enabled. This means that if you are using Microsoft System Center Configuration Manager Current Branch or Microsoft System Center 2012 R2 Configuration Manager, these reports will work with all RBA settings.

Do you have an idea for a SCCM report set that you would like us to create? Drop us a line on Facebook or Twitter!

Read More

Patch Compliance Progression by Collection

Font Size

Our products & services

Our products are designed for ConfigMgr Experts by ConfigMgr Experts. We focus on providing you with software solutions and consulting services that are easy to implement, and have an immediate impact on your company’s bottom line.

Find out more

Enhance Your Asset Management Knowledge

Our software has a worldwide reputation for extending and enhancing technologies. Like so, our Enhansoft consultants are leaders in their respective IT communities. Follow our blog to share in on their thoughts, ideas, and how-tos.

Our blog


Cut the costs of tracking IT assets on your network

The team at Enhansoft combines real-world system management experience with high-level programming expertise to design System Center Configuration Manager software that is easy to implement, and has an immediate impact on workload and company bottom line.


Enhansoft is a privately-held company with its headquarters located in Ottawa, Canada. Enhansoft’s trusted, best-of-breed IT solutions are successfully implemented by global enterprises and government organizations alike, in order to mitigate security and compliance risks, enhance accountability, lower IT costs, and increase efficiency within the Microsoft System Center Configuration Manager environment.

© 2017 Enhansoft. 1 Wheeler Street, Suite 200, Ottawa, ON, Canada, K2J 3C2.

Insert Merge Variable