Encryption is becoming more and more important with the increased usage of electronic media, especially when it comes to removable media.
Windows Vista was the first Microsoft OS to feature inbuilt encryption in the form of BitLocker, however ideally you need a TPM (Trusted Platform Module), and it wasn’t really all that good to implement due to how the partitioning was setup at install.
With the release of Windows 7 they have made some improvements to the BitLocker implementation making it much easier to turn on as they have made a small partion as standard to store the relevant information. In addition they have also implemented BitLocker To Go, so that you can easily encrypt your removable storage.
Below is a simple step by step how to:
You will need a Windows 7 Ultimate Installed (Not clear what other versions will have this feature at release), a USB Storage Device, and about 5 mins of your time. Time will increase based on the size of the storage device.
* It is important to note that BitLocker only supports Windows volumes, so currently you will be unable to open these on a Mac, Linux or Unix platforms.
Step 1 – Insert your storage device into your machine. There is no need to remove data from the device, no information loss should occur as part of the encryption process.
Step 2 – Open up control panel and select “System and Security” and then select “BitLocker Drive Encryption”. Once the BitLocker screen has opened identify the removable storage device and click on the associated “Turn on BitLocker”.
BitLocker will now review the size and contents of your removable media, before starting the pre-encryption process.
Step 3 – You will now be prompted to set an Encryption Password, or associate a smart card to unlock your key. BitLocker uses a strong encryption algorithm (AES-CBC + Elephant Diffuser), but it is still important to set a strong passphrase. I would recommend 20 characters or more and included numbers, letters, and special characters (@!Â£#).
Enter your password in both boxes and select next.
A short password was used for this demonstration.
Step 4 – Create a recovery key. This is important so that in the event you forget your password you have an alternative method to access your data. You can print or save a file containing this key. What ever option you select, store the outcome somewhere safe, and do not keep it with your removable storage device. Once you have stored or printed your key, continue by clicking next.
Step 5 – Encrypting your device. Once your sure you want to encrypt your device, click “Start Encrypting” if you have any doubts now is the time to cancel.
You can monitor the encryption process. Obviously the time taken will depend on the size/capacity of the removable storage.
Once the process has completed, the below message will be displayed. All you need to do is press close and your done.
To verify the encryption was successful you can go back into the BitLocker section in Control Panel.
Or in My Computer you will see your removable device has a new “open” padlock associated with it.
From now on when you insert your device you will be prompted to enter your passphrase or insert your associated smart card. It is possible to associate your removable media with your computer, but I would not recommend this.
You will also notice if you dont enter the password, you have a closed padlock in My Computer.
If you decide to remove the encryption, simply open up control panel and select “System and Security” and then select “BitLocker Drive Encryption”. Once the BitLocker screen has opened identify the removable storage device and click on the associated “Turn off BitLocker”. Obviously you will need to have authenticated yourself to the drive to allow this activity.