2569 ProtectYourDatawithBitLocker GS Windows7 External

Work Smart: Protect Data with Windows 7 BitLocker
Get Started
About Windows 7 BitLocker Prepare to Enable BitLocker

Microsoft BitLocker Drive Encryption technology uses the strongest publicly All new systems that <<organization >>provides are ready for BitLocker
available encryption to protect your computers data, and prevents others enablement. However, before you enable BitLocker, you need to join your
from accessing your disk drives without authorization. computer to a corporate domain (if it isnt already joined) and ensure that
Additionally, the BitLocker To Go feature prevents unauthorized data you are connected to the <<organization >>corporate network. For
access on your portable storage devices, including Universal Serial Bus information on joining your computer to a corporate domain, see the Joining a
(USB) flash drives, also known as thumb drives. Windows 7 System to a Domain Work Smart Guide:
Topics in this guide include: << Insert Joining a Windows 7 System to a Domain Work Smart Guide file
location or URL>>
Prepare to Enable BitLocker
Back Up and Transfer Files Note
Turn On BitLocker You will not be able to encrypt your drive unless you have a network
connection.
Suspend BitLocker Protection
Decrypt Your Drive
Back Up and Transfer Files
Encrypt a Portable Drive with BitLocker To Go <<Organization >> provides several solutions for backing up your data.
Manage BitLocker To Go <<insert preferred methods here>>
Decrypt a Portable Drive <<insert preferred methods here>>
Customization note: This document contains guidance and/or step-by-step

installation instructions that can be reused, customized, or deleted entirely if Turn On BitLocker
they do not apply to your organizations environment or installation After you connect to the corporate network, you can turn on BitLocker.
scenarios. The text marked in red indicates either customization guidance or BitLocker then turns on your computers Trusted Platform Module (TPM) chip,
organization-specific variables. All of the red text in this document should which is a microchip that enables your computer to utilize advanced security
either be deleted or replaced prior to distribution. features.
More Work Smart Content: http://microsoft.com/itshowcase

This guide is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, AS TO THE INFORMATION IN THIS
DOCUMENT. 2012 Microsoft Corporation. All rights reserved.
Page 1 of 7
Get Started
4 On the Set BitLocker startup preferences page, click Require a PIN

Start BitLocker at every startup.
Initially, when you start BitLocker, you can create a personal identification
number (PIN) that you can use each time you start your computer, or you can
designate a startup key that you must enter each time that you attempt to
access a USB drive. This additional protection is optional, but is recommended.
If you are going to use DirectAccess as your remote-connectivity software
solution, you must create a PIN.
To start BitLocker and create a PIN or startup key:
1 Click Start , click Control Panel, click System and Security, and
then click BitLocker Drive Encryption.
2 Ensure your computers TPM is turned on. To do this, look for a TPM
Administration link in the lower-left corner of the window under
See also.
Important
<<Organization >> recommends using a PIN or startup key because
If you do not see this link, the TPM is not on. For assistance in turning it is the most secure option. You must create a PIN if you are going to
it on, contact << helpdesk contact or technical support URL>>. use DirectAccess as your remote-connectivity software solution.
3 Click Turn On BitLocker. 5 On the Enter a numeric startup PIN page, in the PIN field, type a
number that is between 5 and 20 digits in length. The longer your
PIN number, the more secure your computer will be.
6 In the Confirm PIN field, retype the number.
7 Click Set PIN.

Page 2 of 7
Get Started
8 On the How do you want to store your recovery key? page, click Notes
one of the following options:
BitLocker will encrypt your hard-disk drive in approximately one to
Save the recovery key to a file. Microsoft IT recommends this three hours, depending on its size. You can continue to use your
option, which enables you to save your password to a network computer during the encryption process.
file-share folder, such as My Site.
After BitLocker is enabled, each time that you attempt to log on to your
Print the recovery key. computer, you will need to enter your BitLocker PIN before Windows
starts. If you have any issues accessing your computer, contact
<< helpdesk contact or technical support URL>>.
Suspend BitLocker Protection

You may need to suspend BitLocker. For example, you might need to do a
hardware upgrade or basic input/output system (BIOS) updates. When you
suspend BitLocker, Windows disables protection on your system. You wont
need to enter your PIN to start your computer, but your data will be
unprotected.
You can perform all updates and system changes by suspending BitLocker
9 Click Next. protection. You typically do not need to turn BitLocker off for any reason
other than to decrypt your drive.
10 On the Encrypt the drive page, select the Run BitLocker System
check box, and then click Continue. To suspend BitLocker:
11 Close and save any files that you have open. (In the next step, you 1 Click Start , click Control Panel, click System and Security, and
will restart the computer.) then click BitLocker Drive Encryption.
12 Click Continue. 2 Click Suspend Protection.

BitLocker restarts your computer and begins the encryption process.

Page 3 of 7
Get Started
Resume BitLocker Protection 1 Connect to the corporate network.

2 Decide whether you want to use password protection or smart card
protection..
3 Insert the portable drive (USB drive, SC card, SD/MMC card, etc.) into
2 Click Resume Protection.
the appropriate slot.
4 Click Start, click Control Panel, click System and Security, and then
click BitLocker Drive Encryption.
5 Click Turn On BitLocker next to the portable storage device that you
want to encrypt.
Decrypt Your Drive
2 Click Turn Off BitLocker.
BitLocker will decrypt your hard-disk drive in approximately 13 hours, 6 In the Choose how you want to unlock this drive dialog box, select
depending on the hard-disk size. You can continue to use your computer one of the following options.
during the encryption process.
If you want to use a password to unlock the drive, select the
Use a password to unlock the drive check box, enter your
Encrypt a Portable Drive with password twice, and then click Next.
BitLocker To Go If you want to use a smart card to unlock the drive instead,
select the Use my smart card to unlock the drive check box,
When you encrypt a portable drive with BitLocker To Go, you can set it to
insert your smart card, and then click Next.
unlock by using a password or your smart card.

Page 4 of 7
Get Started
Important c. Go to My Site or the file-share folder where you want to save

the recovery key.
Create a password with 812 characters. It is recommended that you
d. Click Save.
use an easy-to-remember passphrase and change certain letters to
caps or obvious special characters. Entering a password is a one-time 8 Click Start Encrypting.
event. You will not need to change or reset it unless you want to.
Encryption time varies but typically takes 3 minutes per GB of data.
7 In the BitLocker Drive Encryption dialog box, do one of the An encryption progress dialog box will appear, followed eventually
following: by a completion notice.
To print the recovery key, click Print the recovery key, and 9 Click Close.
then click Next.
10 When the encryption is complete, remove the device. If you chose
Or smart card encryption, remove your smart card. Wait a few seconds
a. To save the recovery key to My Site or another file share, click and then reinsert the device and/or smart card.
Save the recovery key to a file. 11 Do one of the following:
b. In the Save BitLocker Recovery Key as dialog box, BitLocker If you chose password protection:
suggests a filename to use. You can edit this filename to
i. Enter your password.
distinguish it from recovery keys that you may acquire for
additional portable devices. For example, you might want to ii. If you want to have the device automatically unlocked
name it BitLocker San Disk 2Gig Recovery Key DDxxxDxx. when you use it with your computer, select the
Automatically unlock on this computer from now on
check box. To use auto-unlock, BitLocker must be
enabled.
iii. Click Unlock.
If you chose smart card protection, click Unlock, enter your

PIN, and then click OK.

Page 5 of 7
Get Started
Notes 2 Click Manage BitLocker.
BitLocker To Go can encrypt your drive in minutes or hours, 3 Select one of the options in the dialog box.
depending on your drives size, your connection speed, and the
technology you use, such as External Serial Advanced Technology
(eSATA), FireWire, USB, or USB 2.0. You can continue to use your
computer during the encryption process.
Each time you attempt to use the drive, you will need to enter the
password or smart card unless you set up BitLocker To Go to unlock
the drive automatically. If you have any issues accessing your drive,
contact the << helpdesk contact or technical support URL>>.
If you want to change the password for a portable drive or change
the auto-unlock feature, click Start, click Control Panel, click System
and Security, and then click BitLocker Drive Encryption. In the
BitLocker Drive Encryption dialog box, click Manage BitLocker
next to the portable drive information.
All recovery keys are stored in Active Directory and can be obtained
<< selfhelp URL, helpdesk contact, technical support URL>>.
Decrypt a Portable Drive
Manage BitLocker To Go 1 Click Start , click Control Panel, click System and Security, and
After you encrypt a portable drive, you may want to change a password,
remove a password, add a smart card to unlock the drive, save or print a 2 Click Turn Off BitLocker.
recovery key again, or turn the automatic unlock feature on or off. 3 Click Decrypt Drive.
To make any of these changes:

Page 6 of 7
Get Started
For More Information

BitLocker Drive Encryption
http://windows.microsoft.com/en-
US/windows7/products/features/bitlocker

Page 7 of 7

2569 ProtectYourDatawithBitLocker GS Windows7 External

Enviado por

Dados do documento

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

2569 ProtectYourDatawithBitLocker GS Windows7 External

Enviado por

Direitos autorais:

Formatos disponíveis

Work Smart: Protect Data with Windows 7 BitLocker

About Windows 7 BitLocker Prepare to Enable BitLocker

Customization note: This document contains guidance and/or step-by-step

More Work Smart Content: http://microsoft.com/itshowcase

4 On the Set BitLocker startup preferences page, click Require a PIN

More Work Smart Content: http://microsoft.com/itshowcase

Suspend BitLocker Protection

12 Click Continue. 2 Click Suspend Protection.

More Work Smart Content: http://microsoft.com/itshowcase

Resume BitLocker Protection 1 Connect to the corporate network.

More Work Smart Content: http://microsoft.com/itshowcase

Important c. Go to My Site or the file-share folder where you want to save

iii. Click Unlock.

If you chose smart card protection, click Unlock, enter your

More Work Smart Content: http://microsoft.com/itshowcase

Notes 2 Click Manage BitLocker.

More Work Smart Content: http://microsoft.com/itshowcase

For More Information

More Work Smart Content: http://microsoft.com/itshowcase

Você também pode gostar