Setting Up Encryption In Vista Part I

Vista includes two encryption technologies: Encrypting File System (EFS) and BitLocker Drive Encryption. In this series of articles, you will learn how to set up both technologies in Vista.

To use BitLocker Drive Encryption (assuming you are not using hardware cryptography) you need to first configure the local computer policy to allow you to use USB key mode. Within the local computer policy, navigate to the following location: Computer Configuration \ Administrative Templates \ Windows Components \ BitLocker Drive Encryption. Open Control Panel Setup: Enabled advanced startup options. Select the Enabled option and the Allow BitLocker Without a Compatible TPM option.

To turn on BitLocker Drive Encryption:

1. Open the Control Panel, select Security and click BitLocker Drive Encryption.
2. Click the Turn On BitLocker option for the operating system volume.
3. Choose one of the available options to save the recovery password. The recovery password can be saved to a USB drive, in a folder or it can be printed. This password is required to move the drive to another computer or if changes are made to system start up. Therefore, it is crucial that it is kept in a secure location.
4. Once you have selected the password recovery option, click Next to continue encrypting the operating system volume.
5. Next, verify that the Run BitLocker System Check option is selected. Click Continue.

The computer will restart and proceed with the volume encryption.

Additional settings for configuring BitLocker Drive Encryption are available through the local computer policy. You can find these settings under the following container: Computer Configuration \ Administrative Templates \ Windows Components \ BitLocker Drive Encryption.

Once BitLocker Drive Encryption is enabled, it will lock the drive that Windows is installed on in specific situations that include:

• A possible security risk is detected on start-up.
• The computer is operational but the BitLocker startup key or pin is lost or the startup key is damaged.
• The computer is not operational and you have transferred the hard drive to another computer.

In these cases, you have to unlock the drive using the BitLocker recovery password to gain access to you files.

• Edge Z30 Midsize Desktop
• Aspire AO751h-1279 Netbook
• Studio 15 Notebook
• VAIO VGN-TZ295N/XC Notebook
• ThinkPad T400 Notebook
• P-7805u FX Notebook
• TouchSmart IQ524 Desktop
• Compaq Presario CQ60-420US Notebook
• K50IJ-RX05 Notebook
• Studio XPS 16 Notebook
• Aspire AS4810TZ-4011 Timeline Notebook
• VAIO VGNNW180J/S Notebook
• Satellite L555-S7916 Notebook
• Inspiron 11z Notebook
• ThinkPad X200 Tablet PC
• ThinkPad T400 Notebook
• Satellite A505-S6975 Notebook
• Pavilion Dv6-1030us Notebook
• Inspiron 15 Notebook
• ThinkPad T400 Notebook
• UL50AG-A1 Notebook
• IdeaPad U330 Notebook
• Windows Vista Home Premium
• Extensa EX5230E-2913 Notebook
• Aspire AS1410-8414 Notebook