This guide, the Microsoft Data Encryption Toolkit for Mobile PCs Security Analysis, provides specific details about the levels of security that can be achieved using BitLocker and EFS. The Enterprise and Ultimate editions of Windows Vista™ support the full range of security features described in this guide, and a significant and useful subset is available in Microsoft Windows® XP. Several levels of protection are available, depending on the features and configurations applied. In the most secure configurations, a malevolent attacker would require an extraordinary amount of resources to decrypt the data on a hard disk drive.
The Security Analysis will help you understand how features in Windows Vista and Windows XP help mitigate or reduce specific security risks in your organization. This guide will help you to:
- Identify common threat vectors and risks in your environment.
- Understand how to mitigate specific risks and threats by using BitLocker and EFS, individually and in combination.
- Prepare to mitigate security threats that are not addressed by BitLocker or EFS.
- Understand selected security features and technology available in Windows Vista.
The security features discussed in this guide were developed using industry-accepted technologies. For example, the Microsoft implementation of the cryptographic algorithms used for BitLocker and EFS are certified according to the US Federal Government Federal Information Processing Standard (FIPS) 140-1, and the implemented algorithms are all mature. This adherence to industry-accepted technologies is important because some state and national data privacy laws provide exemptions or mitigating factors for organizations that can show they have made good-faith efforts to follow best practices for data security.