Bitlocker To Go

From WSU Technology Knowledge Base
Revision as of 11:40, 19 December 2017 by BBudnick13 (talk | contribs)
Jump to: navigation, search

What is Bitlocker 2 Go?

Bitlocker is the Windows encryption tool that helps protect data from being accessed by the wrong party by scrambling it in a way that only valid WSU StarID can read. This is the core technology implemented on every employee PC across campus. Bitlocker2Go is the “to go” version of this technology that extends to peripheral equipment such as thumb drives, external hard drives, SD/XD/SSD/Mini/Micro/CF, cameras, scanners and every attachable device is capable of storing data. Basically Bitlocker2Go allows you to password protect these removable devices where university data is likely kept.

Why is Bitlocker being enforced?

Every year the university and its employees purchase dozens if not hundreds of external storage devices that are for all intents and purpose disposable. These storage devices have become quite large and are capable of storing significant quantities of sensitive university data. At the same time, most employees are not capable of accounting for these devices during annual business office audits which is a major cause for alarm. Requiring Bitlocker2Go ensures data being copied from WSU computers remains in a more protected state. This risk mitigation control reduces the requirement for the university to do asset tracking and inventory control on low dollar storage devices. The implementation of this technology not only significantly reduces the risk of losing university data, but also reduces costs associated with tracking and securely disposing of the devices themselves.

Will it impact me?

Bitlocker2Go will likely not impact most employees.

  • First, it is currently only being deployed to Windows based computers that have access to classified university data.
  • Second, it will only impact you if you use removable storage devices, which most employees do not use.
  • Third, it will only impact you if you need to WRITE data to these devices. If you only need to read data from external sources Bitlocker2Go does not need to be enabled. Remember, WSU recommends using network storage and not removable media whenever possible. These devices are expensive and easily lost.
  • Fourth, the technology is very stable and has been thoroughly adopted and tested across almost every industry.

How will it impact me if I do use removable storage?

In the event your job requires the use of removable media Bitlocker2Go will require those drives to be protected PRIOR to you putting data on them. In a nutshell, if you plug in a USB storage stick and right click and select paste: 1. Sorry, you can’t copy files to this without Bitlocker being enabled. Would you like to enable it? 2. Click NO and all you may do is read the contents of the drive. Click Yes and it will walk you through a very quick set of steps to put a password on it. 3. The next time that drive is plugged into a computer, it will prompt for a password to unlock it. If it is your primary computer, you can choose to remember the password and it will never prompt again. If it is your home computer, just enter the password and it will open and look normal. ** special software is available to open these secure drives on a Mac **

Detailed documentation of the setup process are as follows:

First time use of unencrypted drive on in scope workstation

User presented with a dialog box. If “Don’t encrypt” is chosen, then the drive is read-only.