Home
BitLocker data encryption may be happening without your knowledge
BitLocker data encryption may be happening without your knowledge, that means that your automaticity getting extra security from Microsoft without any effort required on your part, but also a caution...
When you add an outlook.com home user account to a new Windows PC as part of the initialisation (as Microsoft now requires) Microsoft can/will/may auto-encrypt the hard drive with windows BitLocker. It does this without asking or telling you. It associates the long encryption key with your Microsoft account (normally a hotmail.com or outlook.com account) and stores the encryption key under your account on the web.
The reason that they do this is to make your PC more secure so if the hard drive is removed from the PC or laptop it can't be just plugged into another PC and have data read. While this is good in theory, forcing data encryption on unwitting home or small business users without asking or telling them I don't feel is a good policy. In an enterprise IT environment significant planning and testing would be implemented before even considering(!) encrypting the data. Having data is no use whatsoever if you can't access it.
There are a few things that can go wrong, under certain circumstances you PC may prompt for the key before stating Windows and if you don't have it your never (never ever, EVER) getting your 30 years worth of data back. Here are some examples:
- Sometimes Microsoft just doesn't store the key (yes, I have seen it!)
- A random Microsoft account may be used to setup the PC (for example a service providers account) then a local or domain accounts may be use from that point onward, in 5 years' time you may not know which Microsoft account was used or have access to it to find the key.
- What if you get hacked and locked out of your Microsoft account?
So what should you do? That's difficult, I'm not going to 'recommend' that you deliberately use 'less security' than you could but here are some thoughts.
- At least now you know, you've been warned
- Consider going on to https://account.microsoft.com/ and printing out your BitLocker key and putting it in a safe place
- BACKUP ALL YOUR DATA periodically to an independent medium or location
A PC that just sits in a factory, contains no data and/or just connects to a remote desktop session does NOT need BitLocker turned on its an unnecessary overhead.
About the author
Comments
Welcome:
digitalwelcomemat now has a blog!
Subscribe for the news as it happens, call me for support on 0404 493 770 or access my remote support solution here: http://help.digitalwelcomemat.com/
Digitalwelcomemat provides IT consultancy and services for business customers on the NSW Central Coast in Australia.
Search
Articles
- How to test your UPS
- Identify IT things!!
- MFA - User setup for Microsoft 365 (2 of 2)
- MFA - User setup for Microsoft 365 (1 of 2)
- The “don’t forget list” when buying a new desktop PC
- Macrium Reflect backup image restore process
- Changing the disk mode from RAID to 'standard'
- The “don’t forget/decision making list” when buying a new laptop
- Restoring an MBR System image to UEFI/GPT (Macrium reflect)
- How to disable Office 365 updates
- Problems 'saving-as' from Adobe reader?
- How to Install Microsoft office from the web (office 365 version)
- Reset your Windows 10 PC
- How to add a printer and avoid it being a "web services device"
- How to logon to work with remote desktop and access files on your "local" hard drive".
- How to install a certificate in Windows 10
- How to find your computers name (Windows 8.1 & 10)
- Create an email "rule" in MS outlook
- Syncovery backup config guide
- How to do a manual Hyper-V failover
- How to connect to Exchange server with Outlook
- Identifying monitor connection plugs/sockets
- Acronis system backup from a boot disk/USB
- Update a software "driver" for a device (from Microsoft)
- ADSL2 Modem router settings for common Australian providers
- Selecting the default sound device on Windows
- How to activate NOD32 antivirus
- Apply an email signature in Outlook
- Upgrade Windows 10 from Home to Pro
- Manually running Windows updates in Windows 10
- 32Bit or 64Bit Windows?
- Default printer keeps changing?
- How to lock, log out or switch user in Windows 10
- Access your virtual machines/servers
- Uncompress a file that has been compressed in Windows
- Locate your email header information
- Perform an Internet speed test
- Allow digitalwelcomemat to connect remotely to your PC for support
- Rename your PC (Windows 10)
- Open a MS Outlook mail file backup PST file
- I only have 128GB/256GB hard drive space where is the rest?
- Changing file association
- Setup a new user in MYOB account right
- ADSL filters
- Setup an additional mail account in Outlook, option B
- Network discovery turned off "feature"
- Change Windows 8 text size
- MS Word document word count - Word 2013
- Setup or upgrade Windows 8.1 without a Microsoft Account
- How to "remote desktop" to another computer (Windows 8)
- Upload a private [unlisted] video to youtube
- How to update NOD32 serial number
Contact:
Give me a call: 0404 493770