Bitlocker Drive Encryption protects against data theft by encrypting the entire Windows volume. It ensures that your data remains encrypted, even if the computer is tampered with. For example, someone moves your hard drive to another computer by a malicious user, he or she will not be able to view the contents of it.

Bitlocker Drive Encryption can be enabled through the Vista Control Panel. If your computer does not meet the minimum requirements listed below, you will not be able to enable the Bitlocker Drive Encryption.

• Vista
• Trusted Platform Module (TPM) microchip v1.2 or USB flash drive
• Trusted Computer Group (TCG)-compliant BIOS
• Two NTFS partitions - one for the system volume and one for the operating system volume
• System volume must be at least 1.5 GB and set as the active partition

To use Bitlocker Drive Encryption without hardware cryptography, you need to first configure the local computer policy to allow you to use USB key mode rather than TPM. Within the local computer policy, navigate to the following location:

Computer Configuration \ Administrative Templates \ Windows Components \ Bitlocker Drive Encryption

Open Control Panel Setup: Enabled advanced startup options. Select the Enabled option and the Allow Bitlocker Without a Compatible TPM option.

To turn on Bitlocker Drive Encryption:

1. Open the Control Panel, select Security and click Bitlocker Drive Encryption.
2. Click the Turn On Bitlocker option for the operating system volume.
3. Choose one of the available options to save the recovery password. The recovery password can be saved to a USB drive, in a folder or it can be printed. This password is required to move the drive to another computer. Therefore, it is crucial that it is kept in a secure location.
4. Once you have selected the password recovery option, click Next to continue encrypting the operating system volume.
5. Next, verify that the Run Bitlocker System Check option is selected. Click Continue.

The computer will restart and proceed with the volume encryption.

Additional settings for configuring Bitlocker Drive Encryption are available through the local computer policy. You can find these settings under the following container:

Computer Configuration \ Administrative Templates \ Windows Components \ Bitlocker Drive Encryption