|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
ActiveWin.com: A Look at BitLocker Drive Encryption
BitLocker is a drive encryption technology designed to secure the contents of the entire hard drive from unauthorized access. Essentially, BitLocker uses the Encrypting File System (EFS) technology that allows users to encrypt individual files and applies that encryption to the entire hard drive. This prevents any access to the hard drive unless the BitLocker startup key is provided at the time the computer is booted, even if the drive has been removed and placed into another system or into an external enclosure. This technology is ideal for systems containing highly sensitive information, and it’s ideal for any mobile system whose contents can’t be compromised in the event of theft. BitLocker is only available in two editions of Windows Vista: Ultimate and Enterprise. BitLocker is accessed by going to Control Panel ->BitLocker Drive Encryption. Some preparation must be made ahead of installation, because in order to enable BitLocker, a 1.5 GB volume must be partitioned from the hard drive. For recommended partitioning methods, see Windows BitLocker Drive Encryption Step-by-Step Guide - http://technet2.microsoft.com/WindowsVista/en/library/c61f2a12-8ae6-4957-b031-97b4d762cf311033.mspx?mfr=true Also, BitLocker will require that the TPM setting be turned on in the BIOS, although this requirement can be bypassed if the BIOS is not TPM –compatible. (For more information on how to disable the TPM requirement in the Group Policy Editor, check out this article: http://www.vistaclues.com/enable-bitlocker-without-a-tpm/) Let’s take a look at how to enable BitLocker in Windows Vista. Once you have meet the necessary prerequisites to enable BitLocker, the BitLockeControl Panel settings will now look like this. We can now proceed to turn BitLocker on. In my case, my BIOS is not TPM compatible, so I do not have the option to use a PIN at startup, so I must use a USB key drive to store my encryption key and will be required to have this USB key drive plugged into the system at every boot. Encryption of the drive begins after the computer has rebooted. Encryption took a little over an hour on my 160 GB Raid 0 drive configuration. BitLocker is now enabled and your drive contents are safe from intruders. It’s a good idea to store multiple copies of your startup key in different locations. This can be done by clicking the ‘Manage BitLocker Keys’ link. So what happens if you don’t have access to the startup key? The computer will boot past the BIOS, and then will display the following message: Interestingly, BitLocker does not require the startup key when resuming from sleep mode, which is the default shut down activity in Vista. Overall, I think the BitLocker technology is a great feature. I haven’t noticed any discernable degradation in system performance, although I’ve read online that large file copy operations seem to take a bit longer. Another item to note, individual files and folders can still be encrypted in the same manner that is used in XP, although it’s questionable as to whether this is actually needed or not. I’m a little puzzled as to why BitLocker is not available in the Business edition of Vista, because seemingly, that would be the edition installed on the majority of work related laptop computers.
Resources: Windows BitLocker Drive Encryption Step-by-Step Guide - http://technet2.microsoft.com/WindowsVista/en/library/c61f2a12-8ae6-4957-b031-97b4d762cf311033.mspx?mfr=true BitLocker Drive Encryption: Technical Overview - http://technet.microsoft.com/en-us/windowsvista/aa906017.aspx Windows Vista: Features Explained: Windows BitLocker Drive Encryption - http://www.microsoft.com/windows/products/windowsvista/features/details/bitlocker.mspx
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||