How do I setup whole disk encryption on a Windows computer?

This tutorial applies to the following operating system:

 Windows

Overview

This article covers how to setup whole disk encryption on a Windows computer.

If your computer stores or processes high risk data (see Standards: Data Classifications), encrypting your hard drive is a necessary step to ensure the security of any data in case of loss or theft of your device. High risk data should only be stored on approved ITS servers under UI policies and standards; however, to protect any incidental data that may accidentally reside on your local system, WDE is an essential security measure. For more information, see Whole Disk Encryption FAQ.

Contact your TSP or Local Support if you are unsure if your devices require encryption.

Step 1

After signing in to your computer, you should receive a notification that encryption is required. Click the notification to encrypt.

Encryption notification

The notification disappears from the desktop after a few seconds. If it disappears or doesn't appear after login, click the Windows notification button to view hidden notifications. If present, click the notification in the list to start encryption. If you don't see the notification after a few minutes, contact your TSP or Local Support for assistance.

encryption notification hidden

Step 2

The encryption wizard opens. Check the checkbox for "I don't have any other disk encryption software installed, encrypt all my disks" and click "Yes". UI devices should not have any other disk encryption by default.

Prompt asking if any other encryption software is installed

Step 3

Leave the prompt at the default "Encrypt used disk space only" and click "Next".

How much of the drive should be encrypted

Step 4

Choose a passphrase to unlock your computer at boot. The passphrase should be unique, must be at least 8 characters in length, and should not be your name, phone number, current NetID password, or an easy to guess sequence.

Set Bitlocker decryption password

Step 5

Click "Continue" to start the encryption process. Windows encrypts transparently in the background and you can continue using your PC while it encrypts.

Click continue to encrypt

Details

Article ID: 1892
Created
Fri 5/7/21 10:44 AM
Modified
Thu 5/13/21 2:23 PM