A. BitLocker is a volume-level encryption technology. When the password for a BitLocker protected USB device is entered, the volume becomes unprotected for the OS instance. If the user who unlocked the device doesn't disconnect the device before logging off, or if another user logs onto the same machine using Switch User, the other users will still have access to the USB device's content.
In addition, any user who is an administrator has remote access to the USB device, so those users would also be able to access the data once the USB device is unlocked by the local user.Related Reading:
- Q. How do I configure my BitLocker recovery password to be stored in Active Directory (AD)?
- Q. What is BitLocker To Go?
- Q. How do I enable BitLocker from the command line?
- Q. Does Hyper-V support Windows BitLocker Drive Encryption running on the host?
Check out hundreds more useful Q&As like this in John Savill's FAQ for Windows. Also, watch instructional videos made by John at ITTV.net.