System Drive Encryption with BitLocker

by Pablo Martinez.
Share
|
Homepage | Submit your article | Contact | TOS
More articles on windows  

You are here: Categories » Computers and technology » Windows

Take new Vista technologies such as the bidirectional Windows Firewall, Windows Defender, and Windows Service Hardening; throw in good patch-management policies (that is, applying security patches as soon as they're available); and add a dash of common sense, and your computer should never be compromised by malware while Vista is running.

However, what about when Vista is not running? If your computer is stolen or if an attacker breaks into your home or office, your machine can be compromised in a couple of different ways:

  • By booting to a floppy disk and using command-line utilities to reset the Administrator password.

  • By using a CD-based operating system to access your hard disk and reset folder and file permissions.

Either exploit gives the attacker access to the contents of your computer. If you have sensitive data on your machinefinancial data, company secrets, and so onthe results could be disastrous.

To help you prevent a malicious user from accessing your sensitive data, Windows Vista comes with a new technology called BitLocker that encrypts the entire system drive. That way, even if a malicious user gains physical access to your computer, he or she won't be able to read the system drive contents. BitLocker works by storing the keys that encrypt and decrypt the sectors on a system drive in a Trusted Platform Module (TPM) 1.2 chip, which is a hardware component available on many newer machines.

To enable BitLockerwhich is available only in the Enterprise and Ultimate editions of Windows Vistaopen the Control Panel and select Security, BitLocker Drive Encryption (or just open the BitLocker Drive Encryption icon directly if you're using Classic view). In the BitLocker Drive Encryption window, click Turn On BitLocker.

This launches the Turn On BitLocker Drive Encryption Wizard, which takes you through the following tasks:

  • Save a startup key on a removable USB device. You need to insert this device each time you start your computer to decrypt the system drive.

  • Creating, displaying, printing, or saving the recovery password. You need this password if BitLocker blocks access to your computer. (BitLocker blocks access if it detects that one or more system files have been tampered with.) You can either enter the 48-digit(!) password by hand or use the recovery key you save to a USB device in the next step.

  • Encrypt the system volume. After this is done, you must insert the device with the startup key each time you want to load Vista.

Note

You can also use the Trusted Platform Module (TPM) Management snap-in to work with the TPM chip on your computer. Press Windows Logo+R, type tpm.msc, and click OK. This snap-in enables you to view the current status of the TPM chip, view information about the chip manufacturer, and perform chip-management functions.

Share
Leave a comment or ask a question
Total comments: 0

Windows Disclaimer

  • The e-articles directory is not responsible for any and all copyright infringements by writers and authors. If you suspect the information contained by this page for any copyright infringements, please contact us to investigate the issue
Windows 7 Change Account Picture - Your account picture is used for the login screen, your start menu, windows meeting space, and more. When you first set up your account, you can choose one of the default images. In this tutorial, (more...)
Windows7 Device Stage - Device Stage is a new technology in Windows 7 that helps you interact with any compatible device connected to your computer. Device Stage lets you see device status and run common tasks. This a cur (more...)
Windows7 Action Center - Windows Action Center is an improved version of Vista's Security Center. The action center alerts you to problems with your PC and lets you know how you can resolve them. Notifications are delivere (more...)
Enhance SATA Disk Performance in Windows7 - You can improve the performance of your SATA hard drive by enhancing write caching. If you are not sure whether or not you have an SATA drive in your computer, please check with your manufa (more...)
Speed up Your External Hard Drives in Windows7 - The default setting in Windows 7 disables write caching for external drives. This is done so that you can remove an external drive at any time without data loss. If you are willing to eject your dr (more...)
Use Windows7 ReadyBoost to Speed up Programs - Using Windows ReadyBoost is a great way to improve the performance of your computer when doing your day-to-day tasks. What is ReadyBoost? ReadyBoost uses a USB thu (more...)
Make Windows7 Shut Down Faster - As you install programs on your computer, it slows down-we all know that. However, what you may not know is that the programs install services. Windows is "kind" enough to patiently wait for these (more...)
Activate Hidden Regional Themes in Windows7 - Windows 7 is a worldwide operating system and Microsoft made a really good move by adding regional wallpapers into the operating system. When you choose your region settings, the appropriate theme (more...)
Windows7 :: Save Your Settings as a Theme - When you are satisfied with the appearance of your windows desktop, you can save the settings as a theme. A theme incorporates the following settings: • Color and appea (more...)
Windows 7 Set Views for all Folders - Windows 7 does a pretty good job at analyzing the content of a folder to determine how it should display the files. 98% of the time I want to see the details of the files and I don't care for thumb (more...)
 
free content
    Copyright © 2006 - 2012 e-articles.info.
The texts, articles and tutorials in the directory are property of their respective owners and authors.