Microsoft has a built-in security solution called BitLocker that encrypts your computer’s hard drive, preventing thieves from being able to steal your data should your device become lost or stolen. BitLocker has been part of Windows for quite some time. However, recent updates have enabled parts of BitLocker and may now alert users that Protection can be turned on or, in some cases, turn it on for you.

BitLocker is great for security since encrypting your data adds a layer of defense. However, like all security systems, if you get locked out, you need to have the key.

What should you know about enabling BitLocker?

When BitLocker is turned on, either through an update or manually, the key will need to be recorded to unlock the drive. Your IT Support team has been working to streamline this and make security easy. If you are prompted about BitLocker turning on, you need to record the BitLocker key and share it with your IT Support person. Read more here about how to back up your Bitlocker key if this happens.  

If your department uses Campus Active Directory (AD), IT has a policy in place that will record the key automatically. Your department uses AD if you sign in with your NetID/NetID password to your computer. If in doubt, ask your IT support person or check this KB Is My Device on AD?.

Either way, the key must be recorded in a place where IT can access and get it to you if BitLocker locks your computer.

When will you need the key?

You might be prompted for the BitLocker recovery key during startup, due to a security risk or hardware change.

What do you need to do? 
Contact your CALS IT support person to find the code for you. It is a 48-digit code. We can send it or read it off to you depending on your situation, or if you are in the office, we can enter it for you.

Why does this happen?
It could be a significant BIOS update, security issue or anything that causes the computer to think something significant has changed, such as a motherboard replacement. It should not happen for all updates; it triggers only in a few cases.

Why is this important to know?
If BitLocker is triggered and no one can find the key, we cannot recover the data on your hard drive because it is encrypted. If your data is solely stored on your computer hard drive and that is inaccessible, you would lose that data.

Rundown of BitLocker

• BitLocker is a built-in feature of Microsoft Windows that can encrypt storage drives.
• Once enabled and turned on, a key is required to unlock it if it is triggered.
• Keys will automatically be recorded by computers on AD (check with your IT person).
• Keys will need to be saved by the user and your IT person if you are not on AD.
• If no key is recorded and BitLocker is triggered, we cannot recover the data on your hard drive.
• BitLocker encryption does not impact data stored in your cloud storage such as OneDrive, Google Drive and Box or any data saved to the shared file system or research drive.

If you have any questions or concerns about BitLocker, data storage solutions, or any other technical need, please contact your CALS IT support person.