ReleasesWhat's New

Bitlocker Disk Encryption has Arrived at Prey | Feature Release

Use our new Disk Encryption tool to easily encrypt data on compatible Windows devices remotely using Windows’ native BitLocker tool.

Feature Image

Enterprises with fleets using Windows as an operating system can now take advantage of Microsoft’s native BitLocker disk encryption tool using Prey! Let us introduce you to our new Disk Encryption action. This tool allows you to easily activate BitLocker’s disk encryption remotely on compatible devices (Windows 10 Pro, Enterprise, or Education) and protect the data on their hard drives!

BitLocker is a native encryption tool that comes with Windows 10 Pro, Enterprise, or Education and doesn’t need to be installed or bought separately.

This new tool has been added to our Enterprise plan, and it is the next step into better helping organizations secure their data. Encryption is a key risk mitigator! Data theft, data breaches, or device loss won’t result in compromised data if said information is encrypted.

How to use the Disk Encryption Tool

This action will be available on any Windows 10 device using a Windows Pro, Enterprise, or Education version and with hardware that possesses the TPM (Trusted Platform Module). To turn on BitLocker:

1) Find a compatible Windows device on your Prey control panel, and access its individual view by clicking it on the device list. Once there, you can find the Disk Encryption action on the right-hand action bar.

2) Click on the action’s button to begin the process. You will need to select the drives on the computer that you want to encrypt with BitLocker.

3) Select the encryption method you want to apply. Selecting ‘Full Disk’ takes longer, but protects the complete disk (unused, and used). This is ideal for computers that are in active use; on the other hand, selecting the ‘Used Space Only’ will be faster, but doesn’t protect unused space. This is ideal for brand new computers that haven’t had data stored yet.

4) Finally, select the encryption standard. AES_128 is ideal for fixed internal drives, and XTS_AES128 is ideal for removable drives like a flash drive. This option represents the type of encryption applied.

5) Click Start Encryption to apply!

What will happen next?

Prey will reach out to the device and, once connected, will request BitLocker to begin the encryption process. You can click the action to see a progress bar and follow the encryption process as it protects the selected drive.

Note that the encryption process is not instant, as Windows will need to encrypt all available data as a whole. The completion time will vary according to the computer’s specifications and the disk’s data size. 

The encryption process is ongoing and the device can be used continuously even when encrypting, and when completed all newly generated data will be encrypted by default. This, however, does mean that the computer’s performance will be slightly modified as a minor part of processing power will run this continuous encryption process. The recovery key (or encryption key) and disk password will be available on the devices’ hardware details in your account.

How to Decrypt a Disk Encrypted With Prey

The decryption process is fairly straightforward. You can find the Decrypt option in the same action as before, Disk Encryption. 

  1. Find a Windows device on your Prey account that had been previously encrypted using the same platform, and click on it to access its individual view.
  2. Open the Disk Encryption tool, and select the target disks to be decrypted.
  3. Click decrypt and Prey will initiate the process.

What will happen next?

Prey will connect to the Windows device and disable BitLocker, commencing the decryption of the selected disks. This process takes anywhere from 20 minutes to a couple of hours depending on the disk’s size, and the computer’s characteristics. If the device is turned off, it will be interrupted and resumed when turned back on.

Try it out!

If you have an Enterprise plan, the Disk Encryption action has already been added to your account and you can manage BitLocker on any compatible Windows device. Full device encryption is one of the easiest and most encompassing prevention actions you can take to avoid data theft, and enabling BitLocker has never been easier at Prey.

If you need to know more about how to encrypt and decrypt your devices, feel free to check out the documentation about Prey and BitLocker on our help site.

If you don’t have an account yet, start a free 14-day trial today! You’ll be able to test Prey’s encryption, tracking, and inventory on your fleet.

data loss
About the author

Norman Gutiérrez

When you stare into the abyss, the abyss stares back at you. Not this one though, it's shy. (စ - စ )