BitLocker Encryption for non-tpm laptops

Similar documents
MICROSOFT BITLOCKER ADMINISTRATION AND MONITORING (MBAM)

In order to enable BitLocker, your hard drive must be partitioned in a particular manner.

Table of Contents. TPM Configuration Procedure Configuring the System BIOS... 2

Massey University Wireless Network Client Configuration Windows 7

Windows BitLocker Drive Encryption Step-by-Step Guide

BITLOCKER USER GUIDANCE

Password Manager Windows Desktop Client

QUANTIFY INSTALLATION GUIDE

Macs are not directly compatible with Noetix.

User guide. Business

Use the below instructions to configure your wireless settings to connect to the secure wireless network using Microsoft Windows Vista/7.

How To Use Syntheticys User Management On A Pc Or Mac Or Macbook Powerbook (For Mac) On A Computer Or Mac (For Pc Or Pc) On Your Computer Or Ipa (For Ipa) On An Pc Or Ipad

Connecting to eduroam using Windows 8

Windows XP Exchange Client Installation Instructions

How to enable Disk Encryption on a laptop

Installation Guides - Information required for connection to the Goldfields Institute s (GIT) Wireless Network

Q. I use a MAC How do I change my password so I can send and receive my ?

Spectrum Health Virtual Desktop (VDI) (available only to select users at this time)

Safety and Health Grant Program Database Remote Access Installation Guide

CONNECTING TO THE DTS WIRELESS NETWORK USING WINDOWS VISTA

Secure Global Desktop (SGD)

Welcome Guide for MP-1 Token for Microsoft Windows

Microsoft Office 365 with MailDefender

McAfee Endpoint Encryption (SafeBoot) User Documentation

Creating a User Profile for Outlook 2013

Neoteris IVE Integration Guide

How to Encrypt your Windows 7 SDS Machine with Bitlocker

How to Access Coast Wi-Fi

Encrypting with BitLocker for disk volumes under Windows 7

E-Pollbook Flash Drive Guide for BitLocker

How do I use Citrix Staff Remote Desktop

DESKTOP CLIENT CONFIGURATION GUIDE BUSINESS

Advanced Configuration Steps

WiFi Internet Access. Windows XP Setup Instructions. Please Return After Use. Produced Oct 2010

Disk Encryption. Aaron Howard IT Security Office

MCBDirect Corporate Logging on using a Soft Token

Automatic Setup... 1 Manual Setup... 2 Installing the Wireless Certificates... 18

Lab: Data Backup and Recovery in Windows XP

Neoteris IVE Integration Guide

The ECU Wireless system uses a captive portal authentication system. There are three steps to configure your computer for wireless access:

SOS SO S O n O lin n e lin e Bac Ba kup cku ck p u USER MANUAL

VERALAB LDAP Configuration Guide

ICT DEPARTMENT. Windows 7. Wireless Authentication Procedures for Windows 7 & 8 Users For Linux and windows XP users visit ICT office

Configuring the Active Directory Plug-in

Cautions When Using BitLocker Drive Encryption on PRIMERGY

QUT PRINTING SERVICES. Printing from your laptop. Connect your laptop to the student print queue

Using BitLocker to encrypt a Windows 8 device

Set Up Setup with Microsoft Outlook 2007 using POP3

MULTI-FACTOR AUTHENTICATION SET-UP

Cloud Attached Storage

Magaya Software Installation Guide

Manual Configuration Instructions

ONE Mail Direct for Desktop Software

WhatsUp Gold v16.1 Installation and Configuration Guide

Pcounter Web Report 3.x Installation Guide - v Pcounter Web Report Installation Guide Version 3.4

Lab - Data Backup and Recovery in Windows XP

Dell ControlPoint Security Manager

BounceBack User Guide

Symantec PGP Whole Disk Encryption Hands-On Lab V 3.7

SQL Server 2008 R2 Express Edition Installation Guide

Backing Up and Restoring Microsoft Hyper-V Server Virtual Machines. Cloud Attached Storage. February 2014 Version 4.0

WIRELESS SETUP FOR WINDOWS 7

Lenovo Partner Access - Overview

HGC SUPERHUB HOSTED EXCHANGE

Remote Desktop Web Access. Using Remote Desktop Web Access

CHARTER BUSINESS custom hosting faqs 2010 INTERNET. Q. How do I access my ? Q. How do I change or reset a password for an account?

Connecting to Remote Desktop Windows Users

How To Set Up Chime For A Coworker On Windows (Windows) With A Windows 7 (Windows 7) On A Windows 8.1 (Windows 8) With An Ipad (Windows).Net (Windows Xp

NetIQ Advanced Authentication Framework - Password Filter. Installation Guide. Version 5.1.0

HP MediaSmart Server Software Upgrade from v.2 to v.3

Wireless Network Configuration Guide

Download Abacus Payroll Software and Activating Software:

User Guide. CTERA Agent. August 2011 Version 3.0

Configuring Outlook for IMAP. Creating a New IMAP Account. Modify an Existing Account

Smart TPM. User's Manual. Rev MD-STPM-1001R

Quick Instructions Installing on a VPS (Virtual Private Server)

Embarcadero Performance Center 2.7 Installation Guide

Remote Access: Citrix Client Setup

Contents. VPN Instructions. VPN Instructions... 1

Aspire. Basic Steps for Remote Desktop Protocol (RDP) Setup

GO!Enterprise MDM Device Application User Guide Installation and Configuration for Android with TouchDown

Steps for using MagicConnect

Appendix E. Captioning Manager system requirements. Installing the Captioning Manager

User Guide for eduroam

UBC Digital Signage Service: CoolSign 5.0 Initial Set- up Guide

Training Guide: Configuring Windows8 8

MBAM Self-Help Portals

How To Backup Your Computer With A Remote Drive Client On A Pc Or Macbook Or Macintosh (For Macintosh) On A Macbook (For Pc Or Ipa) On An Uniden (For Ipa Or Mac Macbook) On

FUSION Installation Guide

Reporting works by connecting reporting tools directly to the database and retrieving stored information from the database.

Edith Cowan University Information Technology Services Centre

educ Office Remove & create new Outlook profile

SHC Client Remote Access User Guide for Citrix & F5 VPN Edge Client

How To Install And Run Cesview Iii (For New Users)

HP MediaSmart Server Software Upgrade from v.1 to v.3

ESC Mobile App Guide

TERAcloud w w w. t e r a c l o u d. u k

Connecting to the University Wireless Network

ez Agent Administrator s Guide

BitLocker/Active Directory Encryption Procedure Department: Information Security Office Version: 1.0 Last Revised: 09/26/2011

Transcription:

BitLocker Encryption for non-tpm laptops Contents 1.0 Introduction... 2 2.0 What is a TPM?... 2 3.0 Users of non-tpm University laptops... 2 3.1 Existing Windows 7 laptop users... 2 3.2 Existing Windows 8.1 laptop users... 2 3.3 New laptop users... 2 4.0 Enabling BitLocker... 2 5.0 Working with BitLocker... 5 5.1 Unlocking your drive... 5 5.2 Changing your BitLocker password... 5 6.0 BitLocker Recovery Key... 6 6.1 Retrieving your recovery key from the self-service portal... 6 1

1.0 Introduction To meet University security compliance all University owned laptops are to be encrypted using BitLocker and managed by our Microsoft BitLocker Administration and Monitoring (MBAM) server. BitLocker drive encryption is Microsoft s proprietary encryption program and is included with certain versions of Windows. BitLocker encrypts the data stored on the Windows operating system (OS) volume, ensuring your data is secure in the unlikely event your laptop is lost or stolen. 2.0 What is a TPM? A Trusted Platform Module (TPM) is a computer chip (microprocessor) dedicated to dealing with certain security related functions. These microprocessors are built into some, but not all, models of laptop used by the University. If your laptop does not have a TPM chip, some aspects of the encryption process are performed by software rather than the TPM hardware. Essentially this means non-tpm laptops will require the user to enter a password to unlock/decrypt the drive prior to logging in. This authentication could be handled by the TPM if present. 3.0 Users of non-tpm University laptops How we enable BitLocker on your University laptop will depend on its current setup. The process will be largely automated so please do not attempt to manually enable BitLocker as you would do at home. We will be managing this roll out to ensure your recovery keys are securely stored on our MBAM server and your compliance details are known. Please read the information below most relevant to your current setup to see how this process will begin. 3.1 Existing Windows 7 laptop users Although BitLocker is available for Windows 7, non-tpm laptops will need to be reimaged to Windows 8.1. This is required to ensure the best possible security for your laptop and to enable management via our MBAM server. Information Services will be contacting you to arrange your upgrade and will help take you through the encryption process described in section 4.0. 3.2 Existing Windows 8.1 laptop users Continue to use your laptop as normal. The BitLocker encryption process will begin automatically once we deploy the policy to your laptop. At this stage the dialog box shown in section 4.0 will automatically appear on your desktop. Follow the steps in section 4.0 to complete the encryption process. 3.3 New laptop users If you receive a new University (non-tpm) laptop it will come preinstalled with Windows 8.1. The encryption process will begin once you have logged in and the dialog box shown in section 4.0 automatically appears on your desktop. Follow the steps in section 4.0 to complete the encryption process. 4.0 Enabling BitLocker The following dialog box will automatically appear on your desktop. 2

1. Enter a strong password that meets the complexity policy. This password will be required to unlock/decrypt your drive. 2. Confirm your new password. 3. Click Please note: This is an additional password, it is not linked to or replaces your usual login/domain credentials. 4. Your disk will now begin encrypting. 5. Click the Close button to close the MBAM encryption wizard. 6. Click OK, your disk will continue to be encrypted in the background. 3

7. Continue to use your laptop as normal. You can also turn your laptop off, encryption will simply continue the next time your laptop is turned on. 8. You can monitor the encryption process by clicking the BitLocker icon in your system tray 9. When your disk has been successfully encrypted the below MBAM dialog box appears. Read the Things to remember bullet points and press Exit. 10. BitLocker is now enabled. Your operating system (OS) volume has been encrypted and a recovery key, unique to your OS volume, has been stored in the MBAM database. 4

5.0 Working with BitLocker BitLocker drive encryption will not affect the way you work on your laptop. Your drive and its contents are only encrypted when your laptop is turned off or in hibernation mode. It s best to think of BitLocker as offline protection for your data. 5.1 Unlocking your drive When you turn your laptop on a blue BitLocker password screen will appear. To unlock/decrypt your drive enter your password (created in section 4.0) and press the Enter key. 5.2 Changing your BitLocker password You can change your BitLocker password by following these steps: 1. Open Control Panel (icons view) Start > Settings > Control Panel 2. Select BitLocker Encryption Options 3. Under Fixed Disk Drives click Manage your password 4. Enter a new password, confirm your new password and click Reset Password. 5. Your new password will now be required to unlock your drive. 5

6.0 BitLocker Recovery Key Although very rare, some specific events may cause BitLocker to enter recovery mode when attempting to start your laptop. If you are unable to unlock your drive or your laptop enters BitLocker recovery mode you can retrieve your unique recovery key from our self-service portal. 6.1 Retrieving your recovery key from the self-service portal Steps to retrieving your recovery key: 1. If not at the BitLocker recovery screen press Esc to enter BitLocker recovery. 2. You will need to use your recovery key ID, highlighted below, to retrieve your recovery key from the self-service portal. 3. Open a web browser and navigate to: http://crwnmbam1.staff.staffs.ac.uk/selfservice 4. Enter your staff username and password to gain access to the portal. 6

5. Please read the policy notice page, tick the confirmation box and click continue. 6. You will now be directed to the self-service recovery key page. Follow the 3 steps as instructed using your recovery key ID from step 2. 7

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information