Now that we have the Toshiba Tecra S10 laptop settled in with Windows 7 Ultimate x64 edition, the next step is to encrypt the contents of the hard drive.
A really good tutorial can be found here on how to prepare the hard drive with a 1.5GB partition that BitLocker requires before installing the OS:
Scenario 1 covers how to boot from the OS install disk, in our case we were using a USB flash drive, and use the DiskPart command to prep the disk before installing the OS.
Note that once we had the OS installed on the large partition, we needed to go into Disk Management and reassign the drive letter in order for it to be recognized by the BitLocker tool.
Type BitLocker in the Start –> Search to bring up the tool. If the laptop’s TPM is not initialized, then a reboot will be required to do so.
Once initialized, the tool will run through a few preparation steps as well as a recovery key generation step. We chose to save the key to a USB flash drive. After doing so, a reboot will be required by the BitLocker tool to test the recovery key before encryption ensues.
Upon logging back into the laptop, this is what we will see:
Since Windows Vista Business x86 came with this laptop, the addition of Software Assurance gives us access to Windows 7
Vista Enterprise. The cost is so inexpensive, there is no excuse for a company to not invest in the added protection of the data on the laptop.
If the Tecra gets left in a cab, or someone else values it more than the owner, then we can be assured that no data will be accessible.
The BitLocker conversion is a slow process, so let it run. It can run in the background, so the laptop is quite usable while it is running.
UPDATE: SA on Windows Vista brings Windows 7 Enterprise to the table. Strike out shows the original mistake.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book