Windows 10 offers encryption choices so users can secure the content on their devices. Did you know there are two types of encryption options available on Windows 10 computers? One is called “device encryption”, and the other is called “BitLocker device encryption.” In this article, I will explain the difference between the two.
Windows 10 Device Encryption
The device encryption is a simplified encryption and is available on most Windows 10 computers.
When you enable device encryption, only authorized people can access data on your device. If device encryption isn’t available on your device, you can turn on the standard BitLocker encryption (not available on Windows 10 Home).
If you are not sure that you can use device encryption, type System Information in the Windows search box and open the tool. The System Summary will be highlighted in the left-hand pane. In the right-hand pane you will see the Device Encryption Support item which will tell you whether your device supports encryption. If you run the System Information tool on your Windows 10 Pro or Enterprise desktop and see several reasons for failure, don’t panic. You should be able to use BitLocker encryption, which is even better because it gives you more options to manage the encryption.
The reasons for failures that you see would be something like: TPM is not available, PCR7 binding is not supported, Hardware Security Test Interface failed, device is not Modern Standby, un-allowed DMA capable bus/device(s) detected, or TPM is not usable.
Luckily, BitLocker can be used without a TPM chip as I’ve explained in my article Securing Windows 10 with BitLocker Drive Encryption. Therefore, despite the above message, you can still use BitLocker on a computer that doesn’t have a TPM chip, such as your desktop computer.
Windows 10 BitLocker Device Encryption
The BitLocker device encryption in Windows 10 is the “full” device encryption with management controls and is only available on Windows 10 Pro, Enterprise, or Education edition It is not available on Windows 10 Home edition.
You can enable BitLocker on individual drives. For example, the following screenshot shows that the BitLocker is enabled on drives D and E, but not on drive C. Notice all the management options you have to back up your recovery key, change password, remove password, add smart card, turn on auto-lock, and turn off BitLocker.
BitLocker has been around for a long time and is one of the most reliable features in Windows 10, primarily because it’s built into the operating system. For more information, check out this BitLocker article I wrote for Microsoft: Securing Windows 10 with BitLocker Drive Encryption.
|Thanks for reading my article. If you are interested in IT training & consulting services, please reach out to me. Visit ZubairAlexander.com for information on my professional background.|
Copyright © 2019 SeattlePro Enterprises, LLC. All rights reserved.