Bitlocker:-
Bitlocker protect your data saved your computer &
removable storage devices from unauthorized access by enabling Bitlocker&BitlockerTo
Go utility. Bitlocker To Go is new
feature comes with windows-7 to
protect data stored on removable drives in the same way Bitlocker is protect
data on systes volume of computer.
Mange Bitlocker:-
Bitlocker&BitlockerToGo are the data protection feature
windows7. These features are available in Enterprise & Ultimate Editions of
windows7 if you lose your laptop computer, bitlocker help to protect your data
on stolen or lost computer from unauthorized data access.
BitlockerModes:-
Bitlocker can be operate in different authentication
modes depending on computer hardware capabilities and desired level of
security.
The available bitlocker modes are
Ø TPM Only
Ø TPM with Startup Key
Ø TPM with PIN
Ø TPM with PIN & Startup Key
Ø Bitlocker without TPM
TPM Only :-
In this TPM mode user doesn’t provide password PIN or
Startup key to boot the computer. User is actually unaware of the Bitlocker
functioning it is the least secure authentication method for bitlocker
functioning. User becomes aware of this mode when Bitlocker detects a
modification in the boot environment or when user tries to remove hard disk&
use it on another computer to recover data stored on hard disk.
TPM with Startup key:-
In this mode, user must provide ausb device containing
the startup key at boot time, the Bitlocker leads your computer into a
Bitlocker recovery mode. The bitlocker in this mode also provides boot
environment protection through TPM.
TPM with PIN:-
User must enter a Personal Identification Number (PIN)
before your computer boot into windows operating System. If users do not enter
correct PIN at boot time, then Bitlocker forces your computer into recover
mode.
TPM with PIN & Startup key:-
When users turn on Bitlocker in TPM with PIN & Startup
keys, then users must provides PIN number &a devices which host Startup key
at boot time. This is most secure mode for Bitlocker.
You
can configure TPM with PIN mode & TPM with and Startup key through group
policy.
All
the above modes namely TPM with startup key ,TPM with PIN and Startup key
enable the Bitlocker to provide boot environment protection through TPM.
Bitlocker without TPM:-
If your computer does not have TPM chips, then the
Bitlocker can be operating in Bitlocker without TPM mode. This mode does not
provide boot environment protection. This mode provides only hard disk
encryption.
Path for Bitlocker:
I)
start -> control
panel -> System & Security ->Bitlocker Drive Encryption.
II)
Click tpm administration
icon and go to TPM management. The trusted platform management.
III)
In the Action pane of
the TPM management page you will get options as turn TPM on /Tpm off. Select
the appropriate option to turn on /turn off the TPM.
BitLockerTo
Go Introduction
BitLocker To Go —a new feature of Windows 7— is a
full-disk encryption protection technology for removable storage devices that
are connected to one of the USB ports on your computer (referred as either USB
drive or drive hereafter) .
Basically, BitLockerTo Go allows you to encrypt a USB
drive and restrict access with a password. When you connect the encrypted USB
drive to a Windows 7 computer, you will be prompted for the password and upon
successfully entering it, you can read and write to the drive as usual.
During the encryption process, Windows 7 installs a
special reader on the USB drive. When you connect the encrypted USB drive to a
computer running XP or Vista, the BitLockerTo Go Reader takes control, prompts
for the password, and then basically makes the USB drive a read-only device.
1. Turning on
BitLocker To Go for a USB Drive
i.
Insert a USB Drive to a computer running
Windows 7 Enterprise or Windows 7 Ultimate, right-click on the drive icon and
select the “Turn on BitLocker” command from the menu.
ii.
Once the initialization process is completed,
BitLockerTo Go will prompt you to set up a password that is used to unlock the
drive.
iii. After
setting up a password, BitLockerTo Go will prompt you to store or print the
recovery key that is used to unlock the drive in case you forget the password
one day.
iv. You will be prompted
to start the encryption process.
v. During
the encryption process, a progress monitor will be shown. The amount of time
that it will take to complete the process varies, depending mainly on the size
of your drive.
vi.Once
the encryption is complete, BitLockerTo Go displays a confirmation dialog box
and a lock icon will be shown on the Drive.
The BitLockerTo Go Reader is a program for you to unlock encrypted
drives and copy its content to computers running Windows Vista or Windows XP
(although Windows 7 does not need it.) Therefore, you should not remove this
program. If you accidentally delete it, you may download it from the Microsoft
website or copy it from another BitLockerTo Go encrypted drive.
2.
Using a BitLocker To Go
encrypted drive in Windows 7:
When
a BitLockerTo Go encrypted drive is plugged in any Windows 7 system (no need to
be Enterprise or Home Ultimate), a dialog window will appear, informing you
that the drive is protected by BitLocker Drive Encryption and waiting for you
to enter the password.
After typing the password and
clicking the Unlock button, you will be able to access the drive and its
content as usual.
3. Using a BitLocker To Go encrypted drive
in WindoVista/XP:-
A
BitLockerTo Go encrypted drive will become Read-Only in the Windows Vista and
Windows XP environments. When you insert the encrypted drive in a computer
running Windows Vista or Windows XP, you will be informed that the drive is
protected by BitLocker Drive Encryption as shown in 3 above. After entering the
correct password to unlock the drive, you will be able to copy the files stored
there. However, you will not be able to modify the files or save other files to
the encrypted drive. You should remember that duplicated files created in the
new location will not be protected by BitLocker even though the original files
will still be protected on the encrypted drive.
The BitLockerTo Go
Reader is not supported on removable drives formatted with NTFS.
4.
Recovering the encrypted
USB drive using BitLocker recovery key:-
If you forget the password of the encrypted drive, the
BitLocker recovery key saved or printed in 2 (iii) above will help you unlock
the drive and create a new password for the drive.
i. Plug the encrypted USB drive in Windows 7 and
click “I forget my password”
iii.
Enter
the BitLocker recovery key and click “Next”
If you have saved the recovery key in a file, you can
simply copy and paste it; otherwise, you have to enter the long key carefully.
5.
Forgetting both the
password and the recovery key
If
you have lost both the password and the recovery key, you will lose your data
forever as you cannot unlock the drive. Therefore, you are recommended to
memorize the password and keep the printed or saved recovery key in a safe
place.
If you have really lost your password and recovery key
and want to refresh the USB drive for use, you may follow the procedure below
to format it.
No comments:
Post a Comment