If you aren’t a tech-savvy person, talking about technology like BitLocker can be overwhelming, especially when you’re trying to figure out how it works.
However, we’ve got you covered, because this article talks about everything you need to know about Microsoft BitLocker, so keep reading!
What Is Microsoft BitLocker?
Microsoft BitLocker is a data protection feature that works along with your computer’s operating system and addresses the threats of data theft or exposure from lost, stolen, or unintentionally decommissioned computers. This feature provides the most protection when used with a Trusted Platform Module version 1.2 or later.
If you are interested in learning everything you need to know about Microsoft BitLocker, you’ll want to keep reading for more facts!
What Actually Is Microsoft BitLocker?
Microsoft BitLocker works alongside your computer operating system in order to address threats of data theft.
This amazing computer feature provides a great amount of protection when used with a Trusted Platform Module, otherwise known as a TPM, version 1.2 or later.
The TPM is a special hardware component that can be installed in many newer computers by computer manufacturers.
The TPM works with BitLocker to help protect your user data and helps to ensure that your computer hasn’t been tampered with while the system was offline.
If you have a TPM version before 1.2, don’t worry; there is still a chance that you can use BitLocker to encrypt the Windows operating system drive in your computer.
To do this, you will be required to insert a USB startup key into your computer to start it up or resume from hibernation.
Or, on Windows 8, you can use an operating system volume password to protect the operating system volume on a computer with TPM.
BitLocker offers the option to lock the normal startup process until the user supplies a personal identification number or inserts a removable device that contains a startup key.
These additional security measures give you multifactor authentication and assurance that the computer won’t start or resume from hibernation until the correct PIN or startup key is presented.
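As an added example (not from the original article), the PowerShell function below reports how each BitLocker volume unlocks at startup: by TPM alone, by TPM plus a PIN or startup key, or by a key on removable media. The names `Get-UnlockPosture` and `New-SampleVolume` and the sample machines are constructed for illustration; on a real computer, pipe `Get-BitLockerVolume` into the function from an elevated prompt.

```powershell
# Added example: classify volumes by the startup protectors described above.
function Get-UnlockPosture {
    param(
        # Object shaped like Get-BitLockerVolume output
        [Parameter(Mandatory, ValueFromPipeline)] $Volume
    )
    process {
        # Normalize protector types to strings (real output uses an enum)
        $types = @($Volume.KeyProtector | ForEach-Object { "$($_.KeyProtectorType)" })

        $startup = if ($types -match '^Tpm(Pin|StartupKey|PinStartupKey)$') {
            'TPM plus PIN and/or startup key (multifactor)'
        } elseif ($types -contains 'Tpm') {
            'TPM only (unlocks with no user input)'
        } elseif ($types -contains 'ExternalKey') {
            'Key file on removable media, no TPM'
        } elseif ($types -contains 'Password') {
            'Volume password, no TPM'
        } else {
            'No startup protector'
        }

        [pscustomobject]@{
            ComputerName        = $Volume.ComputerName
            MountPoint          = $Volume.MountPoint
            ProtectionOn        = "$($Volume.ProtectionStatus)" -eq 'On'
            StartupUnlock       = $startup
            HasRecoveryPassword = $types -contains 'RecoveryPassword'
        }
    }
}

# Constructed sample data (not real output) standing in for four machines.
function New-SampleVolume($Computer, $Status, [string[]]$Protectors) {
    [pscustomobject]@{
        ComputerName     = $Computer
        MountPoint       = 'C:'
        ProtectionStatus = $Status
        KeyProtector     = @($Protectors | ForEach-Object { [pscustomobject]@{ KeyProtectorType = $_ } })
    }
}
$sample = @(
    New-SampleVolume 'PC-01' 'On'  @('Tpm', 'RecoveryPassword')
    New-SampleVolume 'PC-02' 'On'  @('TpmPin', 'RecoveryPassword')
    New-SampleVolume 'PC-03' 'On'  @('ExternalKey')
    New-SampleVolume 'PC-04' 'Off' @()
)
$sample | Get-UnlockPosture | Format-Table -AutoSize
```

A volume that reports "TPM only" starts without asking the user for anything, while one with no recovery password has no fallback if the startup check fails.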
What Can Microsoft BitLocker Be Used For?
When your computer is lost or stolen, there is a large chance that your data will be exposed to unauthorized access.
This can be done by either running a software-attack tool against it or by transferring the computer’s hard disk to a different computer.
BitLocker can help protect you from unauthorized data access by enhancing file and system protections on your computer.
Plus, when your computer becomes decommissioned or recycled, BitLocker can help render data inaccessible.
There are a few extra administration tools that you can use to manage BitLocker, which consist of the following:
- BitLocker Recovery Password Viewer – This tool enables you to locate and view BitLocker Drive Encryption recovery passwords that have been backed up to Active Directory Domain Services.
You will be able to use this tool to help recover data that is stored on a drive that has been encrypted by using BitLocker.
By using this tool, you can examine a computer object’s properties dialog box to view the corresponding BitLocker recovery passwords.
In order to be able to view these recovery passwords, you must be a domain administrator, or you must have been given permission by a domain administrator.
- BitLocker Drive Encryption Tools – This includes the command-line tools manage-bde and repair-bde, and the BitLocker cmdlets for Windows PowerShell.
All of these combined can be used to perform any task that can be accomplished through the BitLocker control panel.
These tools are appropriate for automated deployments and other scripting scenarios.
What Are the System Requirements for Using BitLocker?
When looking into using BitLocker, you will notice the following hardware requirements:
For BitLocker to be able to use the system integrity check provided by a Trusted Platform Module, the computer must have TPM 1.2 or later.
If your computer doesn’t have a TPM, enabling BitLocker will require you to have a startup key on a removable device like a USB flash drive.
A computer with a valid TPM must also have a Trusted Computing Group compliant BIOS or UEFI firmware.
The BIOS or UEFI firmware establishes a chain of trust for the pre-operating system startup and needs to include support for TCG-specified Static Root of Trust Measurement.
However, a computer without a TPM doesn’t require you to have TCG-compliant firmware.
The system’s firmware must support the USB mass storage device class, which includes reading small files on a USB flash drive in the pre-operating system environment.
How Do You Use Microsoft BitLocker?
MS BitLocker is easy-to-use software that is used along with other Windows products. You will be able to access it through the control panel of your computer.
First, go to Control Panel > System and Security > Manage BitLocker.
The BitLocker window will then open; from there, click “Turn on BitLocker.” You’ll need admin rights on your computer to continue.
Once you have followed the above directions, your system will run a scan of your computer to ensure that it’s compatible.
Afterward, you’ll have two options to choose from for encrypting your data.
These options include the following:
- Used Disk Space Only: This is a faster option and ideally suited for new computers or hard drives.
- Completed Disk Space: This option encrypts the entire drive. While it takes a little longer to complete, it’s the best option for computers and hard drives that aren’t new.
Once the encryption is complete, you can be assured that the data on your system and any data which is stored in the future will be protected.
The BitLocker decryption key is stored on the device, so not much will change. However, there is the option to require a password during pre-boot.
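The Control Panel steps above can also be scripted with the BitLocker PowerShell cmdlets. The function below is an added example, not from the original article or from Microsoft; the name `Enable-OsDriveEncryption` and its `-FullDisk` switch are made up for illustration, and it assumes an elevated session on a computer with a ready TPM.

```powershell
# Added example; run from an elevated PowerShell session.
function Enable-OsDriveEncryption {
    param(
        [string]$MountPoint = $env:SystemDrive,
        [switch]$FullDisk    # default is "Used Disk Space Only"
    )

    # Requirement check: a TPM must be present and ready for TPM-based unlock.
    $tpm = Get-Tpm
    if (-not ($tpm.TpmPresent -and $tpm.TpmReady)) {
        throw 'No usable TPM found; a USB startup key would be needed instead.'
    }

    # Skip drives that are already encrypted or in the middle of a conversion.
    $vol = Get-BitLockerVolume -MountPoint $MountPoint
    if ("$($vol.VolumeStatus)" -ne 'FullyDecrypted') {
        Write-Warning "$MountPoint is $($vol.VolumeStatus); leaving it unchanged."
        return
    }

    # Turn BitLocker on with the TPM as the startup protector.
    Enable-BitLocker -MountPoint $MountPoint -TpmProtector -UsedSpaceOnly:(-not $FullDisk) | Out-Null

    # Add a recovery password so the data stays recoverable if startup unlock fails.
    Add-BitLockerKeyProtector -MountPoint $MountPoint -RecoveryPasswordProtector | Out-Null
    $recovery = (Get-BitLockerVolume -MountPoint $MountPoint).KeyProtector |
        Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' } | Select-Object -First 1

    # On domain-joined machines, back the recovery password up to AD DS.
    if ((Get-CimInstance Win32_ComputerSystem).PartOfDomain) {
        Backup-BitLockerKeyProtector -MountPoint $MountPoint -KeyProtectorId $recovery.KeyProtectorId | Out-Null
    } else {
        Write-Warning 'Not domain-joined: store the recovery password somewhere other than this computer.'
    }

    # Report the resulting state of the drive.
    Get-BitLockerVolume -MountPoint $MountPoint |
        Select-Object MountPoint, VolumeStatus, EncryptionPercentage, ProtectionStatus
}

# Example call (assumption: C: is the operating system drive):
# Enable-OsDriveEncryption -MountPoint 'C:'
```

Passing `-FullDisk` corresponds to the second option in the list above and encrypts the entire drive instead of only the used space.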
Microsoft BitLocker is a feature that is used for data protection on computers that works alongside your operating system, and addresses the threats of data theft or exposure from your device, whether it’s lost, stolen, or improperly or unintentionally decommissioned.
All you need for this feature to work well for you is a Trusted Platform Module, otherwise known as a TPM, and it must be version 1.2 or later.