BitLocker To Go
BitLocker To Go enables users to encrypt removable drives using a password or a smart card When a BitLocker To Go-protected drive is connected, Windows 7 prompts the user to enter the password. When the correct password is entered, the contents of the drive are available from Windows Explorer, and accessing the drive is completely transparent to the user.
When a BitLocker To Go-protected drive is connected to an earlier version of Windows, the user can run the BitLocker To Go Reader application, as shown in Figure 16-16 . If the user chooses to run the tool, it prompts the user for a password. The BitLocker To Go Reader application can only be used with drives formatted in the FAT file system and those drives that have been configured to be unlocked with a password.
FIGURE 16-16 The BitLocker To Go Reader enables earlier versions of Windows to access BitLocker To Go-protected drives .
When the correct password is entered, the contents of the drive are available from the BitLocker To Go Reader, as shown in Figure 16-17. Users can drag files from the BitLocker To Go Reader to any Windows Explorer window, where they can access the files normally. Note that versions of Windows prior to Windows 7 cannot transparently access a BitLocker To Go-protected drive; instead, they must used the BitLocker To Go Reader.
% BrtLockerTo Go Reader ¡G}
Which files do you want to use?
Drag and drop tiles to this computer to view them,
. Spotlight-V100 .Trashes
. Spotlight-V100 .Trashes
|
Name |
Date modified |
Type |
|
j. .Spo«ight-V100 |
2/26/2009 5:43:08 PM |
File Folder |
|
X .Trashes |
1/29/2009 7:43:06 PM |
File Folder |
|
j. Bars |
2/5/2009 2:56:34 PM |
File Folder |
|
j. Bars 2-26-09 |
2/26/2009 3:05:08 PM |
File Folder |
|
j. Bars 3-12-09 |
3/12/2009 1:21:46 PM |
File Folder |
|
PI ._.Trashes |
1/29/2009 7:43:06 PM |
TRASHES File |
|
□ .DS Store |
2/5/2009 5:42:34 PM |
DS STORE File |
|
Hbee-on-brown-eye-susan (2),, |
1/29/2009 3:00:32PM |
JPEG Image |
|
glMG_0294-2.jpg |
1/29/2009 2:48:40 PM |
JPEG Image |
|
OlMG_3084.jpg |
1/29/2009 2:58:30 PM |
JPEG Image |
|
[fcj IMG_6772-Edit-Edit.jpg |
1/29/2009 2:48:18 PM |
JPEG Image |
|
OlMG_6846.jpg |
1/29/2009 2:55:10 PM |
JPEG Image |
|
gj IMG_69S2-Edit-Edit-Editopg |
1/29/2009 2:48:20 PM |
JPEG Image |
How do I use the BitLocker To Go Reader?
figure 16-17 Users can drag files from the BitLocker To Go Reader to a Windows Explorer window.
You can use Group Policy settings to configure BitLocker To Go . Within the Computer Configuration\Policies\Administrative Templates\Windows Components\BitLocker Drive Encryption\Removable Data Drives node, you can define the following policies:
■ Control Use Of Bitlocker On Removable Drives Allows you to prevent users from using BitLocker To Go and block users from suspending encryption or decrypting BitLocker To Go-protected drives .
■ Configure Use Of Smart Cards On Removable Data Drives Allows you to require the use of a smart card to protect a drive with BitLocker To Go or prevent users from using smart cards
■ Deny Write Access To Removable Drives Not Protected By BitLocker Enables you to require BitLocker To Go before allowing users to save files to a removable drive .
■ Allow Access To Bitlocker-Protected Removable Data Drives From Earlier Versions Of Windows Controls whether the BitLocker To Go Reader is installed on BitLocker To Go-protected drives .
■ Configure Use Of Passwords For Removable Data Drives Enables you to require passwords for BitLocker To Go-protected drives and to enforce password complexity requirements
■ Choose How Bitlocker-Protected Removable Drives Can Be Recovered Allows recovery agents and determines whether recovery agents, 48-digit recovery passwords, or 256-bit recovery keys can be used to recover a BitLocker-protected drive. You can also use this policy setting to save BitLocker To Go recovery information to Active Directory Domain Services (AD DS).
Post a comment