Lets face it, we all make mistakes. Fortunately there’s a new Windows 7 feature that might just save your bacon if you misplace a USB drive with sensitive information on it. You’ve probably heard about BitLocker. It’s the drive encryption technology that’s been around now for a little while. With Windows 7 and Windows Server 2008 R2, we took another step and now allow you to encrypt more than just the operating system drive. BitLocker To Go is an easy to use encryption technology that will allow you to encrypt the contents of a USB stick or drive and prevent prying eyes from looking at your data. Considering the number of recent horror stories about all sorts of sensitive data getting into the wrong hands, this feature is long overdue.
BitLocker To Go extends BitLocker data protection to USB storage devices, enabling them to be restricted with a passphrase. In addition to having control over passphrase length and complexity, IT administrators can set a policy that requires users to apply BitLocker protection to removable drives before being able to write to them. BitLocker To Go also allows users to more securely share data with users who have not yet deployed Windows 7. Windows 7 gives administrators more control over how data in their environment is protected. From policy configured Active Directory Domain Services integration for the escrow of recovery keys to simple and efficient hardware recovery processes, BitLocker provides an integrated management experience for IT professionals.
BitLocker To Go adds administrators control over how removable storage devices can be utilized within their environment and the strength of protection that they require. Administrators can require data protection for any removable storage device that users want to write data upon; while still allowing unprotected storage devices to be utilized in a read-only mode. Policies are also available to require appropriate passwords, smart card, or domain user credentials to utilize a protected removable storage device.
Take a look at the following 9 minute screencast to get an idea of how this works. It’s rather easy to setup and use. That’s the whole point. Make it easy for the user to use, and they’ll use it. Be sure to double click the player for a full screen view, or use the player's full screen button on the bottom far right. The player tool bar pops up if you hover on the bottom portion of the video.
For more information:
- BitLocker area on technet.microsoft.com
- BitLocker Technical Overview – the must read
- BitLocker Interview and demos on edge.technet.com – a really good overview created by Adam Bomb.
- BitLocker Step-by-Step Guide – html online version
- KB Article on the BitLocker Drive Prep Tool
- The old BitLocker team blog – ghost town. I don’t know who started this, but it’s time for a new post.