University Systems help centre
Encrypt a disk using BitLocker: Windows
BitLocker Drive Encryption keeps your data secure by encrypting the entire hard drive. You do not need to purchase a license or download software -- BitLocker comes with Windows 7 Ultimate and Enterprise.
1. Ensure that the computer meets the BitLocker requirements:
- You have a new computer that is running Windows 8.1 Enterprise or Windows 7 Ultimate or Enterprise.
- Your computer is actively supported by the Computer Help Desk or Desktop Support Services.
- In the event of a drive or encryption failure, data recovery will be impossible. If your data is not also stored on a network share drive, you should have an active backup of your computer. University Systems recommends Tivoli Storage Manager for this purpose.
2. Ask your department's Desktop Support Services analyst or the Computer Help Desk to complete the inital setup for your computer. This setup may include:
- Binding your computer to Active Directory
- Ensuring your computer has the Bitlocker key escrow to ADS group policy applied to it in Active Directory
- Updating your computer's BIOS
- Activating the Trusted Platform Module (TPM) in your computer's BIOS
3. Click on Start and then Control Panel. Click BitLocker Drive Encryption.
4. Click Turn on BitLocker.
5. The Initializing the TPM Hardware window will appear. After this process to complete, it will automatically move to the next window.
5. When the How do you want to store your recovery key? appears, click Next.
Note: For security reasons, you should NEVER save or print your recovery key.
6. Check Run BitLocker system check and click Start Encrypting.
7. Restart your computer.
8. After the restart, log in to your computer. BitLocker will automatically begin encrypting your disk.
9. A status window appear that shows the drive encryption progress -- it may take several hours.
- You will be able to continue using your computer while the encryption progress is taking place, but performance may be effected.
- You may shutdown or restart your computer at anytime during the encryption process. BitLocker will resume encryption the next time you log on.
- Do NOT add any large files to your computer while the initial encryption process is taking place. BitLocker will make your hard drive appear full while encrypting your drive to discourage this. Your drive status will return to normal after encryption is complete.
| Notice for travellers: BitLocker software contains encryption technology, which is restricted in some countries. Some countries may require a permit to bring encrypted devices into the country. University Systems recommends that any persons planning on travelling to a foreign country with a PGP-encrypted device should contact prior to departure. |