Disk Drive Encryption
Setting up a secure password and always logging off a computer will not protect your business data if it gets stolen. Without drive encryption anybody with physical access to your computer can remove the hard drive and access your data.
The best method to secure a computer is to use hard drive encryption. Drive encryption makes files on a hard drive appear scrambled until a password is used to authenticate and access the drive. Even if a hard drive is removed from a computer the data is safe without the encryption password.
Third party drive encryption software is available from most anti-virus vendors including Eset, Symantec and Sophos. Microsoft offers a proprietary built-in feature called ‘BitLocker’ this is included in the Pro versions of Windows 10 and 11.
Bitlocker is easy to set up and works best on computers that have Trusted Platform Module (TPM) built into their hardware processor. TPM allows Bitlocker to store and authenticate the drive encryption password.
To check a computer has a processor that supports TPM using Windows open ‘Device Manager’ and check the processor model against the vendors website TPM list. Bitlocker will work without TPM but requires a USB flash drive every time you start up the computer.
Bitlocker on a Windows Pro machine using TPM allows a Windows Login password to seamlessly authenticate an encrypted drive. If a computer is on a Windows Server domain the authentication is against Active Directory Domain Services and a recovery key is backed up. If the computer is not joined to a domain a Microsoft account can be used with the recovery key backed up to Microsoft servers.
More information on Bitlocker and drive encryption can be found at the official Microsoft Bitlocker FAQ site
Drive encryption is a standard configuration for business computers, it minimises the risk of data theft and ensure computers performance remains fast and secure.
Fentons recommend all business computers enable drive encryption. For advice on drive encryption and business IT security contact Fentons, we’re always happy to assist.