Saturday, February 9, 2008

Encrypt sensitive data folders and entire drives

Various third-party solutions have long been available to encrypt sensitive data folders and entire hard drives. With Vista, Microsoft now enters this market with BitLocker Drive Encryption.
BitLocker has some advantages over competing encryption products because, integrated as it is into Windows, it can check the integrity of a computer system before the Windows user interface is ever loaded. BitLocker can tell when a hard drive has been moved to a different computer—as would be the case if a drive had been stolen—and can defend against brute-force attacks.
BitLocker also integrates with Microsoft’s Active Directory domain service. Remotely storing the digital keys that can unlock or restore data if a user forgets a password is a difficult and labor-intensive chore for IT administrators. BitLocker handles this by using Active Directory to escrow the keys securely, while still making it possible to help an authorized (but forgetful) user access crucial data stored on a password-protected drive.
BitLocker is available only in two editions: Vista Ultimate Edition, which can be purchased separately or as an upgrade from the Home and Business Editions, and Vista Enterprise Edition, which can be purchased separately or as an upgrade from the Business Edition.