Pin Me

Protecting Your Data with BitLocker Drive Encryption

written by: Bill Bunter•edited by: Bill Bunter•updated: 2/4/2011

BitLocker is a security feature included in Windows Vista that can prevent your data from falling into the wrong hands by encrypting it, even if your computer is lost or stolen.

  • slide 1 of 1

    Go to Google News, enter stolen laptop and you’ll almost certainly see a recent story about data being exposed as a result of the theft of a laptop. Such incidents are embarrassing for the business concerned and remediation can be extremely costly. Fortunately, Windows Vista provides you with a way to secure your data against loss: BitLocker Drive Encryption.

    What is BitLocker?

    BitLocker is an encryption feature built-in to Windows Vista. Unlike the Encrypting File System (EFS) which encrypts only individual files, BitLocker encrypts the entire hard drive meaning that a computer cannot be booted by anybody other than an authorised user, even if the drive is removed and installed into a different computer.

    What do you need to be able to use BitLocker?

    To be able to use BitLocker your computer must be running either Vista Ultimate or Vista Enterprise. You’ll also need two NTFS partitions: a 1.5 GB partition for the system volume and a partition for the operating system volume. Should you already have installed Vista, the BitLocker Drive Preparation Tool will enable you to easily make the necessary reconfiguration.

    By default, BitLocker will use your computer’s Trusted Platform Module (TPM) chip to store data. But you can still use BitLocker even if your computer isn’t equipped with a TPM chip – see our article How to Use BitLocker Drive Encryption Without a TPM Chip for more details.

    How do I turn on BitLocker?

    To turn on BitLocker, log on to an admin account and:

    • Click Start > Control Panel > Security > BitLocker Drive Encryption.
    • Click Turn on BitLocker. Should you see a message to Initialize TPM Security Hardware, simply follow the prompts.
    • On the Save recovery password page, select the destination(s) to which the recovery password is to be saved.
    • Click Next.
    • On the Encrypt the selected disk volume page, check Run BitLocker System Check and click Continue.

    That’s it! BitLocker will test your configuration and, so long as all is well, begin the encryption process. Should you need any additional help, see Microsoft’s article Windows BitLocker Drive Encryption Step-by-Step Guide.

    Important note

    BitLocker is designed to prevent unauthorised persons from accessing your data but, unless your careful, it can prevent you from accessing it too. Take good care of your recovery password. Lose it, and the data you protected with BitLocker will be permanently inaccessible. Period.

    Finally, be sure to read our articles BitLocker Recovery Password Viewer Helps You Not to Lose Data, How To Avoid the BitLocker Blues and How to Use BitLocker Drive Encryption Without a TPM Chip for tips and hints on how to get the most from BitLocker.

More Info


Popular Pages