With online criminal activities on the rise, most people prefer keeping their sensitive data locally in a personal computer. This way they can keep their computer safe and prevent unauthorized access to information saved in the PC. Nevertheless, what happens in the event your device gets lost or stolen? Your sensitive data could still land into the wrong hands.
This means that you still need extra data protection measures to keep your sensitive data safe. One of the most effective ways to protect data in your Windows 10 is encrypting your hard drive with BitLocker. Data encryption makes your data on the hard drive unreadable unless the user has the right encryption key or password. In this post, we explore the fundamentals of BitLocker and encrypting hard disks in Windows 10.
Fundamentals of BitLocker
BitLocker is a Microsoft’s disk encryption and security tool, integrated into Windows 10 Pro and Enterprise versions. The program enables Windows 10 users to encrypt an entire computer hard drive or removable storage disk, to protect the drive contents from malicious offline attacks. Windows BitLocker uses the AES algorithm with 256 or 128-bit key encrypt all the content in your disk.
This disk encryption prevents unauthorized users from reading, extracting, modifying or retrieving data in event of device theft or loss. To access and decrypt the data, the user must use the correct recovery key. If your PC is running on Windows 10, you can use BitLocker to enhance the security of your confidential data. However, you need to consider the following requirements and limitations.
BitLocker Encryption Requirements and Limitations
- BitLocker is available on Windows 10 Enterprise and Pro editions so it may not be useful for the Home edition users.
- A PC with a TPM (Trusted Platform Module), a microchip that supports advanced security features. However, you may use the lesser effective software encryption option for PCs lacking the TPM chip.
- Bios that supports TPM or USB devices at start-up.
- A hard drive with at least two partitions with the NTFS file system format.
- BitLocker disk encryption may take time so your PC should be connected to a power supply and free from any interruptions.
Does Your Computer Have TPM Chip?
Before you start the BitLocker encryption process, it is important to confirm that your PC has the TPM chip to support such an advanced security setup.
- To do so, Press the “Win + X” shortcut keys on your keyboard and open Windows “Device Manager”.
- Scroll down, click the arrow to expand the “Security devices” and if you can find the “Trusted Platform Module” device, then your computer has the TPM chip.
How to Encrypt a Disk with BitLocker?
After checking and confirming the availability of the TPM chip in your PC, the disk encryption process is simple and straightforward.
- Log into your Windows 10 PC with a profile that has the administrator rights.
- Open the Windows File Explorer and under “This PC” and identify the volume you want to encrypt (disk containing your sensitive data).
- Right-click the volume drive and on the context menu, select “Turn BitLocker on”.
- This will open the BitLocker Encryption wizard. On how to unlock the drive, tick the password option.
- Enter a strong but memorable password, re-enter the password and click “Next”.
- Choose a method to back up your recovery key and click “Next” to continue. You will need to access this option in case you forget your encryption password.
- Select the disk encryption space. The “Used disk space” encryption is recommended when encrypting a new disk while “entire disk” encryption is best for a disk that is already in use.
Note: After BitLocker encryption, the new data you add to the drive will be encrypted automatically.
- Pick the appropriate encryption mode and go to the “Next” page.
- Click the “Start encrypting” button to confirm and initiate the process.
- The process may take minutes to hours depending on the size of the disk. You can monitor the drive encryption progress and close the Wizard when the process completes.
Managing BitLocker in Windows 10
For your drive encryption to work, you need to prepare the TPM to support the security feature.
- To open the BitLocker Manager, type “BitLocker” in the Windows Cortana and click the “Manage BitLocker” from the result.
- This opens the BitLocker Management panel, displaying all your PC drives and the On/Off status. From this panel, you can change the encryption password, and back up recovery key among other actions.
- To activate the TPM, click “TPM administration” on the lower-left corner of the BitLocker manager window.
- Click “Prepare TPM…” on the resulting window and follow the play-instructions
The BitLocker is a very useful security tool that helps to protect your confidential data against unauthorized access. You can encrypt an entire PC volume or removable disk in Windows 10 and only a person with the right encryption password can view, modify or use BitLocker encrypted data.