Windows Vista not only provides beautiful 3D images and more user-friendly operations, but also provides sufficient security and is one of Microsoft's commitments. To fulfill this commitment, Microsoft integrated the anti-spyware Windows Defender and firewall in Vista, which ensures that users have the first line of defense against external threats. In terms of protecting the security of computer files, Microsoft has used a new technology, namely BitLocker disk encryption technology.
From the literal meaning of BitLocker, it can be understood as "locking every bit". Its role is to fully protect important files on users' computers, the file security is ensured when the computer is stolen. When Vista is still in the development stage, messages about the application of BitLocker disk encryption to Vista have been widely concerned. Microsoft said that its launch conforms to users' needs: data is stolen, exposed due to loss, or discarded due to computer data leaks without proper processing.
Features of BitLocker
BitLocker uses an "offline" method to encrypt the entire volume. This means that if BitLocker is deployed, the system will be dynamically protected by encryption technology, even if a potential hacker obtains the physical access permission of the system, he cannot take data or files from the hard disk.
Another feature makes BitLocker look especially safe: it can prevent the theft of files and system protection mechanisms in Vista by starting another system or running other hacker software, alternatively, you can browse files stored in protected drives offline.
Some details about BitLocker
BitLocker uses 128-bit or 256-bit AES (Advanced Encryption Standard, Advanced Encryption Standard) Encryption. The Encryption level depends on the needs and can be set through the Group Policy. BitLocker works best in a system with TPM 1.2 (TPM, Trusted Platform Module, Trusted Platform Module, and a chip on the computer motherboard.
TMP is mainly responsible for generating encryption keys. Keys are critical to users, because once keys are lost, they cannot be retrieved. Even on your computer, you cannot take files without keys.
According to Microsoft and other independent testers, the impact of full-disk BitLocker encryption on system performance is negligible.
Some disadvantages of BitLocker
BitLocker is not a perfect technology. Because it can only protect the volume of the operating system in the computer, or the hard disk with the operating system, for those systems with multiple volumes or multiple disks, bitLocker alone cannot protect all data. In this regard, Microsoft recommends using EFS for non-operating system volumes.
When used in combination with BitLocker, EFS itself becomes more effective because the root directory on the operating volume is also overwritten. Therefore, once BitLocker is enabled on the operating system volume, the EFS root directory data will be protected by BitLocker, and the possibility of tampering will also be reduced. In addition, this solves the functional limitations of EFS itself-in the past, EFS itself could not encrypt the files in the system root directory. Currently, these files are protected by BitLocker, while other files are protected by EFS.
Supported Operating Systems
Currently, only the Enterprise and Ultimate editions of Vista are supported for BitLocker. In addition, the forthcoming server operating system Longhorn will also support this new technology.
Summary
It is undeniable that BitLocker plays an important role in protecting enterprise data security. As a new member of the Vista security technology family, BitLocker and Windows Defender and firewall are believed to give users a good performance.