In recent years, diverse security mechanism are continually invented and leveraged in the world. To prevent business confidentiality attacked by unfriendly invasion, businessmen pay more attention on security design for their laptops than ever before.
In our daily life, login password, Windows Hello, USB lock, etc., are some basic ways that commonly used to protect our personal data. To reach even higher-leveled protection, Trusted Platform Module 2.0(TPM 2.0) might be another choice to enhance our privacy.
TPM 2.0 is a hardware-based, security-related functions that commonly integrated in business-leveled product. For instance, MSI first introduced TPM 2.0 in Workstation series aiming to provide secure environment for engineers and designers. Now, MSI extends its step to Business laptop. In summit series, it also offers TPM 2.0 solution for those who has security demand while holding business confidentiality on hand.
What is TPM 2.0?
TPM 2.0 is a secure crypto-processor technology that aids with actions such as generating, storing, and limiting the use of cryptographic keys. TPM 2.0 could operate with BitLocker, a software-based security mechanism that also features data protection, which could be found in Windows 10 PC. By operating together, the encryption process ensures our data from storage (SSD or hard drive) cannot be tampered, read, and moved no matter online or offline. Only if your computer receive 48-digit (default) key generated by BitLocker, there’s no way to unlock your storage even plug it into other laptop.
How to utilize TPM 2.0 through BitLocker?
BitLocker is an encryption technology built in Windows 10. Note that Windows 10 Home does not support BitLocker, while Windows 10 Pro, Windows 10 Enterprise and Windows 10 Education do. Thus, if you need BitLocker but do not own Windows 10 Enterprise, remember to choose MSI Summit series with Windows 10 Pro.
When your hard disk is encrypted, nobody else can read the data even if they physically take it out and plug into another computer.
And here’s how to encrypt your hard disk by using BitLocker powered by TPM 2.0.
What to prepare: 1. Your MSI laptop with TPM 2.0 support 2. A USB flash drive or portable disk
1. Search “BitLocker” in Windows 10 Start Menu and click it
Click “Turn on BitLocker” on the hard disk that you want to encrypt
Or right click on the hard disk that you want to encrypt in File Manager, select “Turn on BitLocker”
2. Store recovery key in case you forgot your password.
Here, you can either choose “Save to your Microsoft account”, “Save to a file”, or “Print the recovery key”.
The following steps will be demonstrated by using “Save to a file” to USB flash drive.
3. Plug in your USB flash driver or portable hard disk, select the folder that you wish to save the key, then click “save”.
4. Select encryption type. If your laptop is not brand new and has been using for a while, choose “Encrypt entire drive”.
If not, select “encrypt used disk space only” to save your time.
5. Confirm encryption, click “Start encrypting”.
6. Windows will show that the encryption has started. Don’t worry if you close those windows, the encryption will keep going. And if you turn off your computer, the encryption will resume upon next boot up.
7. If you do not see the “Encryption is complete” message, you could check in “manage BitLocker window” whether it shows “BitLocker on”. If yes, you have successfully encrypted your hard disk, under the protection of MSI discrete TPM2.0.
Remember to keep your recovery key file saved earlier in a separate safe place.
What happens if unauthorized users try to access your encrypted storage?
If someone else removes your hard disk then installs on a new machine and tries to boot it, BitLocker password is required to boot into Windows.
If the hard disk is installed on another computer but booted with OS on another disk, the encrypted disk will show a lock icon, and require password to access files in it.
With TPM 2.0 in MSI Summit Series, Corporation and businessmen no longer need to worry about cybersecurity.