BitLocker Explained

BitLocker Drive Encryption is Microsoft’s full disk encryption software introduced with Windows Vista. BitLocker encrypts built-in hard disks and removable disks to secure data and prevent unauthorized booting of the PC or reading of information after the PC is booted with an alternative OS. This can be especially valuable with laptops and removable drives, which are easily lost or stolen. BitLocker is a feature provided with Enterprise and Ultimate editions of Vista and Windows 7.

BitLocker has several modes of operation depending on the PC hardware and type of drive to be encrypted. If the PC has one, BitLocker can work with a Trusted Platform Module (TPM), an optional component that is typically a microcontroller installed on the motherboard of the computer and provides a variety of cryptographic services. BitLocker used with a TPM provides transparent access to the PC since the TPM stores a unique cryptographic key and allows the PC to boot only if the PC configuration matches the key.