If machines with built in hardware-level encryption are out of your customer's budget, an alternative to consider is BitLocker, an operating system (OS)-level extension to Windows Vista. BitLocker combines on-disk encryption and key management techniques to make data-theft difficult at a price your customers will appreciate. Learn BitLocker fundamentals in this step-by-step tip, courtesy of SearchWindowsSecurity.com.
Rarely does a month go by without a news report about a company or government agency that suffers some kind of loss in the form of a stolen laptop or PC. Often the theft is nothing more than an attempt to resell the hardware for fast cash, but sometimes it's a specific attempt to steal highly sensitive data.
Computers with hardware-level encryption built in can make such data theft prohibitively difficult. But such machines are expensive, and they are not always a practical solution.
Microsoft offers one possible solution in the form of an operating system (OS)-level extension to Windows Vista called BitLocker. This feature, a combination of on-disk encryption and special key management techniques, makes it possible for any existing PC that can run Vista to use the Advanced Encryption Standard (AES) on the main system partition. In other words, not only the data but also the OS installation itself is protected and they require the presence of a hardware key or a long passphrase to be rendered usable. Without the needed keys, the hard drive is nothing but pseudorandom data.
BitLocker demystified: End-to-end encryption for Vista
Introduction
The basics
Keying up
Common misconceptions
Competition
About the author
Serdar Yegulalp is editor of the Windows Power Users Newsletter. Check it out for the latest advice and musings on the world of Windows network administrators -- and please share your thoughts as well!
This tip originally appeared on SearchWindowsSecurity.com.
