Bitlocker Encryption Compliance

Anon414 Prior to enabling BitLocker you should configure your endpoint to run in "FIPS Mode". 

https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing

Be aware that this can impact some application's, such as Azure AD Connect, ability to run on systems when they are in FIPS mode.

Here are the details about what libraries are used by BitLocker in the different OS's which meet the FIPS compliance.

https://docs.microsoft.com/en-us/windows/security/threat-protection/fips-140-validation#modules-used-by-windows

It is important to note that in older OS's (Pre Server 2012 and Windows 8.1) when running in FIPS mode the creation or use of a Recovery Password was not possible.  However, in more recent versions BitLocker has been updated to be fully functional when running in FIPS mode.

https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies#fips-support-for-recovery-password-protector