Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science

BitLocker - Agile Concepts

Protect Your Data with BitLocker™
Get Started
•
About Protecting Your Data with
BitLocker™
Note
Microsoft® Windows® BitLocker™ Drive Encryption protects data on your
computer by preventing unauthorized access to the hard disk drive. For
example, if someone removed your hard disk drive to gain access to its
data, BitLocker drive encryption would prevent any other computer from
accessing the drive. BitLocker allows access to your protected hard-disk
data only after you have typed in a PIN and logged on to Windows Vista®.
To use BitLocker Drive Encryption, you must complete the following topics
in this guide:
•
Back Up All Critical Files and Folders
•
Update Your BIOS
•
Prepare Your Hard Disk Drive
•
Turn on the Trusted Platform Module (TPM)
•
Turn On BitLocker
Trusted Platform Module (TPM) version 1.2 installed
More information about BitLocker and TPM can be found at
http://windowshelp.microsoft.com/Windows/en-US/Help/6035e2fd-ee504b74-9bfb-6c27bb6bf2201033.mspx.
Back Up All Critical Files and Folders
Before you enable BitLocker, use the Windows Easy Transfer tool to back up
your files and settings. See the Transfer Files and Settings Get Started at
http://microsoft.com/itshowcase.
Update Your BIOS
You should update your computer’s BIOS before using BitLocker. The BIOS is
the set of essential software routines that test hardware at startup, start the
operating system, and support data transfer between hardware devices.
Check your computer manufacturer’s support website or contact your
helpdesk to determine whether you have the latest BIOS for your computer.
System Requirements for BitLocker
The following are system requirements that you must have to run BitLocker:
•
PC connected to both AC power and the Microsoft corporate
network
•
Windows Vista Enterprise installed
Prepare Your Hard Disk Drive
After you back up your data and update your BIOS, install and run the
BitLocker Drive Preparation Tool to create an additional partition for
BitLocker:
More Work Smart Content: http://microsoft.com/itshowcase
This guide is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT.
© 2009 Microsoft Corporation. All rights reserved.
1of5
Protect Your Data with BitLocker™
Get Started
1
Download and install the BitLocker Drive Preparation Tool at
http://www.microsoft.com/downloads/details.aspx?FamilyID=320b9a
a9-47e8-44f9-b8d0-4d7d6a75add0&DisplayLang=en
2
In the Windows Update Standalone Installer page, click Continue,
and then click OK to install the software update.
3
Click the Start button
, click All Programs, click Accessories, click
System Tools, click BitLocker, and then click BitLocker Drive
Preparation Tool.
4
On the Preparing Drive for BitLocker page, click Continue.
If the TPM is already turned on, then you should see a link for TPM
Administration in the window’s lower-left corner under See also.
Proceed to the Turn On BitLocker procedure. If you do not see this link,
then your TPM is turned off. To turn on your computer’s TPM, use the
manufacturer-specific instructions on the next page.
Note
The BitLocker Drive Encryption page may appear after you run the BitLocker
Drive Preparation Tool and restart your computer.
It may take up to an hour or more to prepare your hard disk drive for
BitLocker.
5
When the hard disk drive preparation is complete, the Preparing
Drive for BitLocker page appears. Click Finish, and then click
Restart Now to restart your computer.
Turn on the Trusted Platform Module
(TPM)
Before you can use BitLocker, you must turn on your computer’s TPM, which
is a microchip that enables your computer to utilize advanced security
features. To turn on the TPM:
1
Remove any attached peripherals and docks from your PC.
2
Click the Start button
, click Control Panel, click Security, and
then click BitLocker Drive Encryption.
More Work Smart Content: http://microsoft.com/itshowcase
This guide is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT.
© 2009 Microsoft Corporation. All rights reserved.
2of5
Protect Your Data with BitLocker™
Get Started
Dell
HP
1.
Turn on your computer.
1.
Turn on your computer.
1.
Turn on your computer.
1.
Turn on computer.
2.
Press F2 to start Setup.
2.
Press F10 to start the ROM-Based Setup.
2.
2.
Press and hold ESC.
3.
Press the down arrow key, select
Security, and then press ENTER.
3.
Press the right arrow key, select the
Security menu, press the down arrow key,
select Setup Password, and then press
ENTER.
Press F1 immediately to start the BIOS
Setup Utility.
3.
3.
Use the down arrow key, select
Security, and then press ENTER.
When prompted, press F1 to start
setup.
4.
Press PgDn to go to the next page.
4.
On the Security page, use the down
arrow key, select Security Chip, and
then press ENTER.
5.
5.
On the Security Chip page, press
ENTER. On the pop-up menu, press the
down arrow key, select Active, and then
press ENTER.
Press the down arrow key, in the
Security Controller section, select
Disabled to the right of TPM, and then
press the space bar to enable TPM.
6.
When prompted to Save changes to
Security Controller now, press Y.
7.
Press End to save the settings, and
when you are prompted with Are you
sure?, press Y.
4.
5.
6.
7.
8.
9.
Press the down arrow key, select
TPM Security, and then press
ENTER.
4.
On the TPM Security page, press the
right arrow key, select On, and then
press ENTER.
Press ESC. On the Exit page, press
the right arrow key, select Save/Exit,
and then press ENTER.
When your computer restarts, press
F2 to start Setup again.
5.
6.
Press the down arrow key, select
Security, and then press ENTER.
Press the down arrow key, select
TPM Activation, and then press
ENTER.
10. On the TPM Activation page, press
the right arrow key, select Activate,
and then press ENTER.
11. Press ESC. On the Exit page, press
the right arrow key, select Save/Exit,
and then press ENTER.
Lenovo
In the Setup Password dialog box, in the
New password box, type a password. In
the Verify new password box, type the
password again, and then press F10.
On the Security menu, press the down
arrow key, select TPM Embedded
Security, and then press ENTER.
In the TPM Embedded Security dialog
box, press the down arrow, select Disable
to the right of Embedded Security
Device State, and then press the right
arrow key to Enable.
7.
Press F10.
8.
Press the left arrow key, and select the File
menu. Press the down arrow key, select
Save Changes And Exit, and then press
ENTER.
9.
On the Save changes window, press F10.
6.
On the Notice window, to continue,
press ENTER.
7.
To save your changes and exit, press
F10.
8.
In the Setup Confirmation window,
select Yes, and then press ENTER.
Toshiba
10. When your computer restarts, on the
Enable and Activate the TPM screen,
press F1.
More Work Smart Content: http://microsoft.com/itshowcase
This guide is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT.
© 2009 Microsoft Corporation. All rights reserved.
3of5
Protect Your Data with BitLocker™
Get Started
Turn On BitLocker
4
On the Set the startup PIN page, in the PIN box, type a number that
is between 4 and 20 digits in length. The longer the number, the
more secure your computer will be. In the Confirm PIN box, retype
the number, and then click Set PIN.
5
On the Save the recovery password page, there are three options
to choose from:
After you have prepared your hard disk drive, you can turn on BitLocker. You
will create a personal identification number (PIN) to use each time you start
your computer. This process requires corporate network connectivity. To turn
on BitLocker:
1
Click the Start button
, click Control Panel, click Security, and
then click BitLocker Drive Encryption.
2
Click Turn On BitLocker.
a. Save the password on a USB drive (you will need a USB drive
for this)
b. Save the password in a folder (on a network file share)
In the lower left-hand corner the “TPM Administration” link is visible,
which means your TPM security hardware is turned on.
3
c. Print the password
On the Set BitLocker startup preferences page, click Require PIN
at every startup.
More Work Smart Content: http://microsoft.com/itshowcase
This guide is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT.
© 2009 Microsoft Corporation. All rights reserved.
4of5
Protect Your Data with BitLocker™
Get Started
Note
If you send the recovery password to yourself in an e-mail message, and then
move the message to a managed folder that never expires, it always will be
accessible to you via Microsoft Office Outlook® Web Access (OWA).
6
On the Encrypt the volume page, click Continue, and then restart
your computer. It may take more than an hour to encrypt your hard
disk drive.
After you have turned on BitLocker, your hard disk drive will be encrypted.
Each time you turn your computer on, you will need to enter the PIN before
Windows Vista starts, and then you can log on to your computer.
Turn Off BitLocker
In some situations such as to make hardware or BIOS updates to your
computer, you may need to turn off BitLocker. When you do so, Windows
Vista will disable BitLocker on your system. Therefore, you will not need your
PIN to start your computer, and consequently, your data will not be
protected. To turn off BitLocker:
1
Click the Start button
, click Control Panel, click Security, and
then click BitLocker Drive Encryption.
2
Click Turn Off BitLocker, and then click Disable BitLocker.
Important
After performing your updates, you should turn BitLocker back on.
3
Click the Start button
, click Control Panel, click Security, and
then click BitLocker Drive Encryption.
4
Click Turn On BitLocker.
Notes
•
It may take more than an hour to decrypt your hard disk drive.
•
For more information, click What is the difference between Disable
BitLocker Drive Encryption and Decrypt the volume in the
BitLocker Drive Encryption dialog box.
For More Information
•
BitLocker Information
http://www.microsoft.com/windows/windowsvista/features/bitlocker.aspx
Note
If you need to remove BitLocker protection to decrypt the hard disk drive,
then in Step 2 select Decrypt the volume instead of Disable BitLocker.
More Work Smart Content: http://microsoft.com/itshowcase
This guide is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT.
© 2009 Microsoft Corporation. All rights reserved.
5of5
Related documents
Chapter 04 - End of Year Review Sheet - RBMA-IT
Chapter 04 - End of Year Review Sheet - RBMA-IT
Windows 7 Security Overview
Windows 7 Security Overview
Windows 7
Windows 7
Chapter 12
Chapter 12
120626Windows8
120626Windows8
Download