Windows can encrypt entire Operating System drives and removable devices with its built-in BitLocker encryption. BitLocker Drive Encryption is an integral security feature in the Windows Operating System that helps protect data stored on fixed and removable data drives and the operating system drive. BitLocker helps protect against “offline attacks,” which are attacks made by disabling or circumventing the installed operating system or made by physically removing the hard drive to attack the data separately. For fixed and removable data drives, BitLocker helps ensure that users can read the data on the drive and write data to the drive only when they have either the required password, smart card credentials, or are using the data drive on a BitLocker-protected computer that has the proper keys. If your organization includes computers running previous version of Windows, the BitLocker To Go Reader can be used to allow those computers to read BitLocker protected removable drives.
Enabling BitLocker For a Drive:
To enable BitLocker:
- Open the “Control Panel” and navigate to “System and Security” , go to “BitLocker Drive Encryption”
- You can also open Windows Explorer or File Explorer, right-click a drive, and select Turn On BitLocker
- If you don’t see this option, you don’t have the right edition of Windows Operating System
- Click the “Turn on BitLocker” option next to an Operating System drive, internal drive (“fixed data drive”), or removable drive to enable BitLocker for the drive
There are two types of BitLocker encryption you can enable here:
- BitLocker To Go
- BitLocker Drive Encryption
External drives, such as USB flash drives and external hard drives, can be encrypted with BitLocker To Go. You’ll be prompted for your unlock method for example, a password when you connect the drive to your computer. If someone doesn’t have the unlock method, they can’t access the files on the drive.
Sometimes referred to just as BitLocker, this is a “full drive encryption” feature that will encrypt an entire disk. When the computer boots, the Windows boot loader loads from system reserved partition, and the boot loader will prompt you for your unlock method for example, a password. BitLocker will then decrypt the drive and load Windows. The encryption is otherwise transparent your files will appear like they normally would on an unencrypted system, but they’re stored on the disk in an encrypted form. You can also encrypt other drives in a computer, not just the operating system drive.
Encrypt and Unlock the Drive:
BitLocker will automatically encrypt new files as you add them, but you’ll need to choose what happens with the files currently on your drive. You can encrypt the entire drive including the free space or just encrypt the used disk files to speed up the process.
You’ll be prompted to run a BitLocker system check and reboot your computer. After the computer boots back up for the first time, the drive will be encrypted. Check the BitLocker Drive Encryption icon in the system tray to see its progress. You can continue using your computer while it’s being encrypted, but it performs more slowly.
When your computer boots, you’ll see a BitLocker prompt if you need to enter a password, PIN, or plug in a USB flash drive.Press Escape here if you lose your unlock method. You’ll be able to enter your recovery key. If you choose to encrypt a removable drive with BitLocker To Go, you’ll see a similar wizard but your drive will be encrypted without any rebooting required. Don’t remove the drive while it’s being encrypted.
Like all encryption, BitLocker does add some overhead. If encryption is important to you because you have sensitive data for example, a laptop full of business documents it’s worth the performance trade off. Encryption has so many advantages for you. Make use of the given information, hope it helped you.