sheridan
IT Services
Information Security

Laptop Encryption

Beginning on Tuesday, October 11, IT will encrypt all Sheridan owned or leased Windows 7 laptops that support encryption using Microsoft BitLocker Administration (MBAM). This will protect data on employee laptops in the event the device is lost or stolen and will have no noticeable impact to your day-to-day activities or your laptop’s performance.

Please follow the steps below to encrypt your laptop:

IMPORTANT – PLEASE NOTE:

To begin encryption of your laptop, you must:

  • Reboot your laptop while connected to the Sheridan network via a wired connection. After rebooting and logging in, you may disconnect the ethernet cable and resume work wirelessly.

  • Be plugged in to AC power. You do not want your laptop to run out of power during the encryption process.
  1. Connect your laptop to the network using an Ethernet cable. Once you are plugged in, wait at least 10 seconds, then start or reboot your laptop and log in. After logging in, you may disconnect the Ethernet cable and resume work wirelessly.

  2. Within a few hours, you will see the following screen. Note that starting the encryption process can be postponed for 24 hours.
    BitLocker start window

  3. Make sure your laptop is connected to AC power. It is recommended that you leave your laptop plugged in during the encryption process

  4. The encryption of C: begins when you click Start. You will still be able to use your laptop while encryption runs in the background, however, drive space will be limited. It is recommended that you DO NOT install software, perform software updates, or download very large files until encryption is complete. Note that in our testing, encryption of C: took on average 3 hours to complete.
    encryption progress window

  5. After the encryption of C: has begun, you must manually begin the encryption of ‘D:’.
    • Go to Start > Computer.
    • Right click on the D: drive and select “Turn on BitLocker…”:

    Turn on BitLocker menu item

  6. In the BitLocker Drive Encryption (D:) window that pops up, choose “Automatically unlock this drive on this computer”, and click Next.
    D drive auto unlock option

  7. On the next screen, it is recommended that you choose “Save the recovery key to a file” and save this file to your personal network drive (e.g. G: drive).
    save recovery key

  8. Once you have saved the recovery key, you will see “Your recovery key has been saved.” Click Next, then click Start Encrypting. Note that in our testing, encryption of D: took from 30 minutes to 1 hour to complete.

    Start encrypting D
    Encryption progress window for D

  9. Once encryption is complete, your drives will look like this. Note the lock icons on top of the drive icons.
    Drive icons after encryption

Additional Notes

This is what your drives look like prior to encryption. Note the lack of lock icons.drive icons prior to encryption

This is what your drives look like during the encryption process. In this screen capture, the C: drive is being encrypted, while encryption of D: drive has not yet begun.Drive icons during encryption

If you close the encryption progress window or reboot your laptop during the encryption process, you will no longer see the progress window. However, encryption is still running in the background. If the computer is turned off or goes into hibernation, encryption will resume where it stopped the next time Windows starts.