Better make sure your local drives on notebooks are encrypted. This protects your personal data in case a notebook gets stolen or is placed into garbage one day.
Most modern business notebooks come with TPM chips and support real-time encryption of hard drives. Windows comes with the PowerShell module “Bitlocker” that manages hard drive encryption:
PS> Get-Command -Module bitlocker CommandType Name Version Source ----------- ---- ------- ------ Function Add-BitLockerKeyProtector 1.0.0.0 bitlocker Function Backup-BitLockerKeyProtector 1.0.0.0 bitlocker Function BackupToAAD-BitLockerKeyProtector 1.0.0.0 bitlocker Function Clear-BitLockerAutoUnlock 1.0.0.0 bitlocker Function Disable-BitLocker 1.0.0.0 bitlocker Function Disable-BitLockerAutoUnlock 1.0.0.0 bitlocker Function Enable-BitLocker 1.0.0.0 bitlocker Function Enable-BitLockerAutoUnlock 1.0.0.0 bitlocker Function Get-BitLockerVolume 1.0.0.0 bitlocker Function Lock-BitLocker 1.0.0.0 bitlocker Function Remove-BitLockerKeyProtector 1.0.0.0 bitlocker Function Resume-BitLocker 1.0.0.0 bitlocker Function Suspend-BitLocker 1.0.0.0 bitlocker Function Unlock-BitLocker 1.0.0.0 bitlocker
Make sure you launch PowerShell elevated before you try any of these commands. Get-BitlockerVolume, for example, dumps current settings and protection status:
PS> Get-BitLockerVolume | Select-Object -Property * ComputerName : DELL7390 MountPoint : C: EncryptionMethod : XtsAes128 AutoUnlockEnabled : AutoUnlockKeyStored : False MetadataVersion : 2 VolumeStatus : FullyEncrypted ProtectionStatus : On LockStatus : Unlocked EncryptionPercentage : 100 WipePercentage : 0 VolumeType : OperatingSystem CapacityGB : 938,0381 KeyProtector : {Tpm, RecoveryPassword}
The cmdlet revels current protection status, employed protection methods and EncryptionPercentage indicates whether encryption is completed or still working its way through your data.
If your hard drive is not encrypted you should read more about TPM and encryption first. While you can use Enable-Bitlocker to start encrypting your hard drive, it is important that you fully understand all encryption principles so you don’t accidentally lock yourself out.