Computer Performance, Microsoft Windows Vista

3CX Phone System for Windows - VOIP IP PBX

3CX Phone System for Windows -
VOIP IP PBX

Get your 5 free applications now

Application Publishing with 2X ApplicationServer

 

Guy RecommendsGFi Events Manager

A solution to monitor, manage and archive thousands of events that are generated by devices across the entire network. 
Download FREE trial

Windows Vista - BitLocker Drive Encryption

Windows Vista - BitLocker Drive Encryption

BitLocker provides extra security for computer disks, especially those of laptops.  It works because the drive remains encrypted, even if the disk is transferred to another machine.  Without the encryption keys, thieves cannot interrogate the disk by installing a parallel copy of Vista, or any other operating system.

Topics for Windows Vista BitLocker Drive Encryption

Pre-requisites for BitLocker Drive Encryption

  1. Buy Windows Vista Ultimate, because this is the only edition that supports BitLocker.
  2. Check that the Vista computer has a modern BIOS which supports TPM (Trusted Platform Module).  This ensures that the disk is encrypted at startup.  Consequently, if the disk were stolen and removed to a different computer, the thief would need the recovery keys before they could read the data.
  3. Set the BIOS to boot from the first disk.

Creating the BitLocker Partitions

As ever, planning is the key.  The best solution is to create the two partitions, need by BitLocker, during install.  For this task, seek out detailed instructions, particularly learn how Diskpart creates and formats the BitLocker partition.  Meanwhile, here are outline instructions for the task.

  1. As you install Vista, create at least two partitions, one for the operating system one for the encrypted data.  The secret is to click on 'System Recovery Options'.  As you install Vista Ultimate, look at the lower left of the pages, System Recovery Options appears on about the second install screen, just after you select the Keyboard Layout
  2. If you have already installed Vista, but without this configuration, don't despair, seek out the Windows BitLocker Drive Preparation Tool.

Configuring BitLocker Drive Encryption

  1. Assuming that Vista boots and you logon, this is where you find the BitLocker Drive Encryption configuration settings:
    Control Panel, Security, BitLocker Drive Encryption, now click: 'Turn On BitLocker on the operating system volume'.
  2. If your TPM (Trusted Platform Module) is not initialized, then the wizard will guide you through the  initialization process.
  3. Pay careful attention to the 'Save the recovery password' page, your options include:
    Save the password on a USB drive.
    Save the password in a folder.
    Print the password.
  4. You should now be on the page: 'Encrypt the selected disk volume'.  Confirm that the 'Run BitLocker System' check box is selected.
  5. You should now see the status bar. To monitor the progress of your disk volume encryption, drag your mouse over the icon in the tool bar.  (It's at the bottom of your screen.)

SOKB - Secure Online Key Backup

The idea is to use Secure Online Key Backup to protect both BitLocker's recovery password, and your recovery certificate for the Encrypting File System.  I like the idea of backing up important files to storage areas in the internet.  SOKB takes this concept one stage further by connecting to a secure Microsoft Web site called Digital Locker.  The benefit is if you lost these keys and certificate, you could download them from Microsoft's secure Digital Locker site.

SOKB - Secure Online Key Backup

.

EFS (Encrypted File System)

In addition to BitLocker's secruity, Microsoft have enhanced EFS (Encrypted File System) in the Ultimate, Business and Enterprise Vista Editions.  For example, you now have the ability to encrypt the page file and recovery keys onto smartcards.

Conclusion: BitLocker Drive Encryption

As a result of the above BitLocker procedures, you can encrypted the operating system volume and create a recovery password.  However, the only time that you notice the BitLocker Drive Encryption, is if there are changes to key system files, or if someone tries to start the computer from a disk.  In this instance you will see the recovery mode interface - waiting for a password.

TrainSignal - Recommended Vista Training VideosTrain Signal has just released their New Windows Vista Training Course.  As an MCT trainer, I am a huge advocate of Train Signal’s products.  What impresses is me is that they demonstrate everything that they teach and they stay away from traditional 'lecture-style' training.  If you are looking for a complete DETAILED coverage of Windows Vista, then I highly recommend that you give this course a try.  I have reviewed their 18 hours of videos myself, and I guarantee that you will not be disappointed!

Watch a Vista Training Video Demo.

Windows Vista Security:

 

Other Sections

^

Google
WebComputerperformance.co.uk

GFi Events Manager

Guy Recommends: GFi EventsManager

Here is a solution to monitor, manage and archive thousands of events that are generated by devices across your entire network.  Get your free evaluation copy of GFI EventsManager.

 

Home Copyright © 1999-2008 Computer Performance LTD All rights reserved

Please report a broken link, or an error.