IT tutorials
 
Windows
 

Windows 7 : Using BitLocker Drive Encryption

- How To Install Windows Server 2012 On VirtualBox
- How To Bypass Torrent Connection Blocking By Your ISP
- How To Install Actual Facebook App On Kindle Fire
4/20/2014 9:32:58 PM

Backup and System Protection ensure the availability of your files, in that they allow you to restore lost or damaged files by restoring from a backup copy. BitLocker drive encryption isn't about availability. It's about confidentiality. If your notebook computer is lost or stolen, that's certainly a bad thing. But if it contains confidential personal, client, or patient information, that's even worse. BitLocker drive encryption ensures that lost or stolen data can't be read by prying eyes.

BitLocker differs from the Encrypting File System (EFS) in that EFS encrypts individual folders and files, whereas BitLocker encrypts the whole disk.


BitLocker drive encryption works by encrypting all the data on a hard drive. With BitLocker drive encryption active, you can still use the computer normally. All the necessary encryption and decryption takes place automatically behind the scenes. But a thief would be unable to access data, passwords, or confidential information on the drive.

1. BitLocker Hardware Requirements

BitLocker drive encryption uses an encryption key to encrypt and decrypt data. That key must be stored in a TMP Version 1.2 (Trusted Platform Module) microchip and compatible BIOS. Only newer computers come with the appropriate hardware preinstalled. You'll also need a USB flash drive to store a copy of the password.

NOTE

The first time you open the BitLocker task page, you'll see a message indicating whether you do, or don't, have a TPM Version 1.2 chip installed. If you're certain that you have such a chip, but Windows 7 fails to recognize it, check with your computer manufacturer for instructions on making it available to Windows 7.

Caution, Caution, and More Caution

BitLocker drive encryption is primarily designed for organizations that have sensitive data stored on notebooks and PCs. Theft of those data could have a negative impact on the organization, its customers, or its shareholders. While transparent to the user, the act of setting up BitLocker would normally be entrusted to IT professionals within the organization.

If you're not an IT professional, you need to be aware of the risks involved, especially if you plan to set up BitLocker on a hard drive that already contains files. First, always back up your data before re-partitioning a drive. Though many programs on the market allow you to repartition a disk without losing data, there's always a risk involved. A backup is your only real insurance. More importantly, understand that BitLocker is not for the technologically faint-of-heart. There is no way to undo any bad guesses or mistakes. If not handled with the utmost care, BitLocker can render your computer useless and your data unrecoverable. If you're not technologically inclined, but have a serious need for drive encryption, consider getting professional support in setting up BitLocker for your system.


In addition to a TPM chip, your hard drive must contain at least two volumes (also called partitions). One volume, called the system volume, must be at least 1.5 GB in size. That one contains some startup files and cannot be encrypted. The other volume, called the operating system volume, will contain Windows 7, your installed programs, and user account folders. Both volumes must be formatted with NTFS.

2. Encrypting the volume

When all the necessary hardware is in place, setting up BitLocker drive encryption is a relatively easy task:

  1. Click the Start button, choose Control Panel, click System and Security, and then click BitLocker Drive Encryption.

  2. If your hardware setup doesn't support BitLocker, you'll see messages to that effect. You cannot continue without appropriate hardware and disk partitions.

  3. If all systems are go, click the option to turn on BitLocker.

  4. If your TMP isn't initialized, a wizard takes you through the steps to initialize it. Follow the on-screen instructions to complete the initialization.

  5. When prompted, choose your preferred password storage method, store the password, and click Next.

  6. On the encryption page, select (check) the Run BitLocker system check and click Continue.

  7. Insert the password recovery USB flash drive (or whatever medium you used for password recovery) and click Restart Now.

  8. Follow the on-screen instructions.

The wizard will ensure that all systems are working and it's safe to encrypt the drive. Just follow the instructions to the end to complete the procedure.

Make sure you password-protect all user accounts to prevent unauthorized access to the system. Otherwise a thief can get at the encrypted data just by logging in to a user account that requires no password!

3. When the computer won't start

Once BitLocker is enabled, you should be able to start and log in to the computer normally. BitLocker will only prevent normal startup if it detects changes that could indicate tampering. For example, putting the drive in a different computer, or even making BIOS changes that look like tampering, will cause BitLocker to prevent bootup. To get past the block, you'll need to supply the appropriate password.

4. Turning off BitLocker

Should you ever change your mind about using BitLocker, repeat the steps under "Encrypting the volume" and choose the option to turn off BitLocker drive encryption.

5. More info on BitLocker

The setup wizard for BitLocker drive encryption is designed to simplify the process as much as possible for people using computers with TPM 1.2. Other scenarios are possible.

 
Others
 
- Windows 7 : Using System Protection (part 3) - Using previous versions
- Windows 7 : Using System Protection (part 2) - Creating a restore point, Returning to a Previous Restore Point, Undoing a System Restore
- Windows 7 : Using System Protection (part 1) - Turning System Protection on or off
- Windows 8 for Business : Disk Encryption - EFS, BitLocker and BitLocker To Go
- Windows 8 for Business : Domain Join and Group Policy
- Windows 8 : Customizing the Start Screen (part 5) - Adding Shutdown and Restart Tiles to the Start Screen, Customizing the Start Screen Background
- Windows 8 : Customizing the Start Screen (part 4) - Pinning a Website to the Start Screen,Displaying the Administrative Tools on the Start Screen
- Windows 8 : Customizing the Start Screen (part 3) - Turning Off a Live Tile, Pinning a Program to the Start Screen
- Windows 8 : Customizing the Start Screen (part 2) - Creating an App Group
- Windows 8 : Customizing the Start Screen (part 1) - Resizing a Tile, Moving a Tile
 
Youtube channel
 
Top 10
 
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
programming4us programming4us
 
Popular tags
 
Video Tutorail Microsoft Access Microsoft Excel Microsoft OneNote Microsoft PowerPoint Microsoft Project Microsoft Visio Microsoft Word Active Directory Biztalk Exchange Server Microsoft LynC Server Microsoft Dynamic Sharepoint Sql Server Windows Server 2008 Windows Server 2012 Windows 7 Windows 8 Adobe Indesign Adobe Flash Professional Dreamweaver Adobe Illustrator Adobe After Effects Adobe Photoshop Adobe Fireworks Adobe Flash Catalyst Corel Painter X CorelDRAW X5 CorelDraw 10 QuarkXPress 8 windows Phone 7 windows Phone 8 BlackBerry Android Ipad Iphone iOS