34,333
edits
Changes
no edit summary
BitLocker Drive Encryption is a security feature feature first introduced in the Ultimate and Enterprise editions Windows Vista and subsequently incorporated into all editions of Windows Server 2008.
BitLocker performs a number of functions depending on the hardware support of the system on which Windows Server 2008 is running. At the most basic level, BitLocker encrypts entire disk volumes so that the operating system files and user data contained on a disk drive cannot be accessed if the computer and/or drive are lost or stolen. In addition , a key is written to a USB flash drive during the BitLocker configuration process. This flash drive must be inserted into a USB port on the computer at system startup in order to gain access to the system.
When used in conjunction with a computer system which has a Trusted Platform Module (TPM) together with a Trusted Computing Group (TCG) compatible BIOS, BitLocker also provides additional features including verifying the integrity of the boot files prior to system startup. In addition, TPM support also provides the option to specify a PIN that must be entered on system start up in addition to the flash drive containing the key.