There are several obvious
actions which can help you to protect your PC. You should install the newest
patches for the OS and apps. Besides, buy the newest anti-virus software and
use complex passwords. Here you will find some recommendations which can help
you to use all the protection capabilities in Windows 7.
Using BitLocker
BitLocker
is one of the most popular and improved securities in Win 7. This hard disk and
encryption technology and protecting the integrity of the boot medium first
appeared in Windows Vista. We can find BitLocker in several Ultimate and Enterprise edition of Win
7. This program does not allow an
attacker to extract data from the hard disk of stolen notebook if it was off at
the time of the theft.
But
there is one problem with BitLocker. It is difficult to restore data after
hardware failure if protected volumes were blocked. That’s why although this
technology can provide a great protection many of IT-specialists say that it is
a problematic thing, because they face with it when it is necessary to make a
data recovery.
In
order to restore your data you need an access to keys or password of Bitlocker
(which relate to blocked volumes). If there are not many computers it is easy
to watch passwords and keys, but if the bill goes to the hundreds of them this
task is really difficult.
Group policy allows
IT-experts to configure BitLocker so, that encryption activates only after the
successful creation of the keys and passwords’ back-up copies in Active
Directory. Restoring of the encrypted data became really easy because of the
changes in equipment of “Active Directory – users and computers” in Windows
Server 2008 R2 and appearing of Remote Server Administration Tools for Win 7. Keys and password search became easier than
in the same facilities of Win Vista.
Instead
of uploading, installing and configuring special options you just need to refer
to the keys and recovery passwords of BitLocker using “BitLocker Recovery” (you
can find it at the page of the properties of the computer account in “Active
Directory Users and Computers”). The passwords and key back-up process include
three stages.
1. In the
group policy editor of the computers’ accounts go to the folder Computer
Configuration/Windows Settings/Administrative Templates/Windows
Components/BitLocker Drive Encryption.
2. If
a computer has only one disk, go to the unit “Operating System Drivers” and
edit the policy “Choose how BitLocker protected operating system drivers can be
recovered”. If there is more than one disk use the unit “Fixed Data Drivers”
and edit the policy “Choose how BitLocker protected fixed data drivers can be
recovered”. Pay attention that although these policies can be configured identically
they will affect to different disks.
3. In
order to adapt back-up copy of the passwords and keys of BitLocker in Active
Directory when BitLocker protection is on, turn on the next options:
–
Save BitLocker recovery information to AD DS for the operating system drivers
and for hard disks if you need.
– Do
not enable BitLocker until recovery information is stored in AD DS for the
operating system drivers and for hard disks.
Passwords
and keys of the protected volumes will be copied only after applying the
policy. Passwords and keys of the volumes where BitLocker protection was
configured earlier will not copy automatically to Active Directory. You will
need to disable and enable again BitLocker and only after that the backup
information will appear in Active Directory.
About the author: Paul Smith is a staff writer of http://askessay.com/. He is passionate about writing on various topics, including business, technology and social media.
Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription or become our Facebook fan! You will get all the latest updates at both the places.
