<div>
hi, you also need to sort out enable TPM. In Bios and take &nbsp;ownership.
</div>


hi, you also need to sort out enable TPM. In Bios and take  ownership.

<div>
Mike, could you expand on that a bit or provide a link to a good overview?
</div>


Mike, could you expand on that a bit or provide a link to a good overview?

<div>
<div class="content wysiwyg-content">
Hello,<br />
<br />
My organization is deploying BitLocker to its laptops. &nbsp;We need to make sure that data on the drive is inaccessible without logon credentials. &nbsp;Here is how we're planning on deploying BitLocker:<br />
<br />
1. Upgrade machines to Windows 8.1 (we currently are using 7 Pro and don't have the licensing for Windows 10)<br />
2. Enable BitLocker - as part of group policy, we are requiring the recovery information be backed up to AD before BitLocker can encrypt. &nbsp;Further, we are requiring a PIN to be entered upon restart of the computer.<br />
3. Verify the recovery information.<br />
4. Have the user change the PIN when we deploy their laptop to them.<br />
<br />
Am I missing anything? &nbsp;I would hate to not be able to recover data off a laptop if something would go wrong.<br />
<br />
Thanks!
</div>
</div>


Hello,

My organization is deploying BitLocker to its laptops.  We need to make sure that data on the drive is inaccessible without logon credentials.  Here is how we're planning on deploying BitLocker:

1. Upgrade machines to Windows 8.1 (we currently are using 7 Pro and don't have the licensing for Windows 10)
2. Enable BitLocker - as part of group policy, we are requiring the recovery information be backed up to AD before BitLocker can encrypt.  Further, we are requiring a PIN to be entered upon restart of the computer.
3. Verify the recovery information.
4. Have the user change the PIN when we deploy their laptop to them.

Am I missing anything?  I would hate to not be able to recover data off a laptop if something would go wrong.

Thanks!

Bitlocker Deployment Verification

Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.

Encryption

Windows 8 is a personal computer operating system developed by Microsoft as part of the Windows NT family of operating systems, with an emphasis on improving its user experience on tablets. In particular, these changes included a touch-optimized Windows shell based on Microsoft's "Metro" design language, the Start screen, a new platform for developing apps with an emphasis on touchscreen input, integration with online services, support for USB 3.0, Advanced Format hard drives, near field communications, and cloud computing. Additional security features were introduced, such as built-in antivirus software, integration with Microsoft SmartScreen phishing filtering service and support for UEFI Secure Boot on supported devices with UEFI firmware.

Windows 8

A laptop or notebook is a portable personal computer with a clamshell form factor, suitable for mobile use. Although originally there was a distinction between laptops and notebooks, the former being bigger and heavier than the latter, there is often no longer any difference. Laptops are commonly used in a variety of settings, such as at work, in education, and for personal multimedia. A laptop combines the components, inputs, outputs and capabilities of a desktop computer, including the display screen, speakers, a keyboard, and pointing devices (such as a touchpad or trackpad) into a single unit. The device can be powered either from a rechargeable battery or by mains electricity from an AC adapter.