How important is the data on your PC to you? Let me rephrase that, how sensitive is that information? Are you a lawyer that has confidential case files on your PC? Are you a doctor that needs to keep patient or research data of clinical trials safe and secure? Are you a small business owner that views the data on your PC as essential for your business survival? Are you none of the above, but need to protect files such as tax information, salary information, medical history data or other more risqué files you rather would not fall into the wrong hands? [Please note: Securing anything illegal plays havoc on your Karma and will make you a very unhappy person]
Let us assume that you need to demo a concept product for your company’s management team. You pop the files onto a flash drive and off you go. That right there, is your Achilles heel. Lose the flash drive and you are in a heap of trouble. The great thing about BitLocker is that you can turn it on for your entire hard drive or removable drives. (Note: BitLocker and BitLocker To Go require Windows 8 Pro or Enterprise) For this post I will illustrate encrypting a 2 GB removable flash drive. Hit the Windows Button and start typing “bitlocker” and select to search in Settings (screenshot above). You will see the search results appear as follows:
Click on BitLocker Drive Encryption. In the next screen, you will see your Fixed Data Drives and all the removable drives attached to your computer. Since I am encrypting my removable drive, I will click “Turn on BitLocker” under the Removable Data Drives section.
BitLocker then Initializes the drive and then presents you with the option of securing the flash drive by using a password or a smart card.
BitLocker will now allow you to backup your recovery key. Wait, what is a recovery key? Well according to Windows 8 help:
If you forget the password for a drive you’ve encrypted with BitLocker Drive Encryption, or if something happens to your PC that prevents it from accessing the encrypted drive, you can still use a recovery key (a string of 48 random numbers) to get back into the drive. You create a recovery key when you turn on BitLocker for the first time on each drive that you encrypt.
It’s essential that you store a copy of your recovery in a safe place. If you lose it, you might permanently lose access to your files. You can store the recovery key by printing it, saving it on removable media (such as a USB flash drive), or saving it as a file on a network. (You can save your recovery key to another drive on your PC that you’re not encrypting, but it’s best if you store it separate from your PC). After you create a recovery key, you can use Manage BitLocker to make additional copies.
The next screen will give you options on how much of the drive you want to encrypt. Seeing as I already have files on the drive, I opted to encrypt the entire drive.
The drive encryption process will now start and depending on the size of your removable drive, this process might take a few minutes. While this is happening, you will notice that the BitLocker status is Encrypting.
When BitLocker has completed the Encryption process, you can see additional options available to manage your Encrypted Flash Drive. From here you can change your password, turn on auto-unlock and turn off BitLocker on the drive.
When I removed the drive and inserted it again, Windows 8 prompted me to unlock the drive. I also opted to have the drive automatically unlocked on my PC seeing as it is the primary PC I will be using this removable drive on.
Plugging the removable drive into a Windows 7 PC also prompted me with the following screen:
In case you were wondering, the Windows 7 PC was my daughters laptop. The encryption process was fast and now gives me the peace of mind that any information on my BitLocker secured drive will be safe from prying eyes if I ever had to lose it. Now I can already hear a few people saying that TruCrypt does the same thing. Well, while I do use TruCrypt on one of my laptops, I prefer to use BitLocker on my Windows 8 machine. Here is why:
- BitLocker supports the Trusted Platform Module (TPM) chip. (Your PC needs to support TPM, although you can still use BitLocker without TPM support)
- Using TPM negates the need for a password. Contrary to popular conspiracy theories, if you forget your password and lose your recovery key, you format your drive – end of story. This makes TPM a nice option.
- BitLocker is better than before and embedded within the Windows 8 OS.
- The argument that TPM has been hacked is negligible seeing as the hack took a great deal of effort.
Whatever option you decide to use to secure your data, encrypting makes a lot of sense. If you’re running Windows 8 Pro or Enterprise, give BitLocker a try. I am sure you will be surprised at how easy it is to set up and use.