SEC602 – Data Encryption

Bitlocker is a program which allows for volumes of data to be encrypted and protected by a password. Bitlocker also allows for recover keys to be generated to gain access if the user forgets their password. The purpose of this encryption is to prevent access to information by unauthorized users. The prescription on the dive means that even if a user uses a tool like karli linix to gain access to the drive the information will be encryption and is therefore useless. To gain access to the drive a user must enter their password in the drive. Once the password has been enter the user won’t need to enter the password again until the computer is restarted. If the user forgets there password they can instead use a recovery key which is generated when the device is first encrypted to unencrypted the device.

Bitlocker allow a user to protect a drive from interference through a password or smart card. Bitlocker provides more protection that a standard password like a computer has as it encrypts the data on the drive preventing someone from access the drive through no standard means such as with karli linux. If someone gain access to the the device through means such as forge-ting to lock the system or someone using an exploit to get past the login screen the that person still wouldn’t be able to gain access to the encrypted files.

Data recovery keys should be stored away from the device they are for too prevent the key from being found by someone trying to access the encrypted device. It would be preferable for the device to not be one which is in use such as a desktop as this runs the risk of someone finding the password by accident. I believe that the recovery key should be stored on a device such as a USB as a USB can easierly be stored somewhere safe. I would also recommend that device the key is stored on be stored in a safe place such a safe.

Encryption is an important way to protect information which needs to be protected. Since bit locker is an a tool which comes with many modern windows systems it is likely to be commonly used in bussnesses. I therefore believe that it would be a useful tool to know how to use. It is also important to think about how to store recovery tools as with out them data can be lost which can be debilitating for a company depending on how important that information is. If the recovery key is too easy to find it will likely be easy for someone to bypasses the encryption making it worthless. It would be useful for the lab to cover other types of encryption as it is possible that not all businesses will use bitlocker.