Skip to content

BitLocker: The Only Safe Harbor for Data Breach

Encrypt Your Confidential Data

It’s very important for business owners to realize that when their employees travel, their organization’s confidential data goes with them. When you get out of your car, you lock it and arm the alarm for protection from a break in, so why leave your laptops, workstations, and servers unprotected from virtually the same thing? Enable BitLocker on your Windows 10 machines and avoid the possible fines from a data breach.  

Microsoft’s BitLocker Drive Encryption, which is built into Windows 10 Pro and Enterprise, is a data protection feature that integrates with the operating system and addresses the threats of data theft or exposure from lost, stolen, or inappropriately decommissioned computers. Data on a lost or stolen computer is vulnerable to unauthorized access, either by running a software-attack tool against it or by transferring the computer’s hard disk to a different computer. BitLocker helps mitigate unauthorized data access by enhancing file and system protections. BitLocker also helps render data inaccessible when BitLocker-protected computers are decommissioned or recycled. Matrixforce supports BitLocker encryption on Windows 10 Pro and Enterprise running the latest version patches.

Avoid Compliance Penalties

BitLocker is so effective, the United States government now considers it the only safe harbor if a data breach occurs, and thus saves a company from hefty penalties levied from FACTA and HIPAA laws. This is because when BitLocker has been enabled and a breach occurs, a company doesn’t have to report the breach.

BitLocker provides the most protection when used with a Trusted Platform Module (TPM) version 1.2 or later. If you have a computer purchased in the last couple of years, then it probably already has a TPM chip. It is also common on most laptops and tablets and comes pre-enabled on Microsoft Surface units.

The TPM is a hardware component installed in many newer computers by the computer manufacturers. It works with BitLocker to help protect user data and to ensure that a computer has not been tampered with while the system was offline.

If you have a Windows 10 computer that doesn’t have a TPM chip, you can use the USB flash drive to save the BitLocker recovery key. Then, all you have to do is insert the flash drive when the computer is started or resumed from hibernation and it will unlock the computer for you.

Additional Security Features

In addition to the TPM, BitLocker offers the option to lock the normal startup process until the user supplies a personal identification number (PIN) or inserts a removable device, such as a USB flash drive, that contains a startup key. These additional security measures provide multifactor authentication and assurance that the computer will not start or resume from hibernation until the correct PIN or startup key is presented.

Modern Windows devices no longer require a PIN in the pre-boot environment to protect BitLocker encryption keys from cold boot attacks. BitLocker pre-provisioning, encrypting hard drives, and Used Space Only encryption allow administrators to enable BitLocker quickly on new computers running Windows 10. Used Space Only encryption in BitLocker To Go allows users to encrypt removable drives in seconds. BitLocker requires a recovery key only when disk corruption occurs or the password is lost.

BitLocker is very simple and installs almost instantly on new computers, but if you are adding it to a currently used device plan to do so when you won’t need your PC for a while. For more, call us and schedule your firm for our Overwatch® Cybersecurity Exam to prevent reputation damage, data breach, and fines or penalties.

Ransomware Prevention Blueprint

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.


Leave a Reply

%d bloggers like this: