Starting Full Disk Encryption using a TPM (Trusted Platform Module)
|
|||
In order to encrypt a Workstation's hard drive utilising the TPM, you may have to take ownership of the TPM. Once you have taken ownership of the TPM, you can then proceed to FDE the hard drive and secure the Workstation with a Pin Code or Username and Password. It is also possible to initiate 'No Extra Authentication' which will provide no authentication in the pre-boot environment, allowing you to boot straight to the Windows login. Important: Please check the TPM requirements articles below. Starting the Full Disk Encryption ProcessTo utilise the TPM please follow the steps below:
Configuring the TPM
Note: If your TPM doesn't require reconfiguring, please skip to 'Choosing the TPM Security Mode'.
A manual sync can be made by following the article here: KB195 - How do I manually synchronise the EEE Server and EEE client?
Note: When the restart takes place, a manufacturers pre-boot dialog will ask you to confirm the command. This is supplied by the manufacturer and may look different on various Workstation models / makes. The image below is taken from a Microsoft Surface Pro 3.
Choosing the TPM Security Mode
You will then have a choice of authentication modes:
KB443 - TPM Mode Username / Password KB445 - TPM Mode No Extra Authentication Related ArticlesKB177 - What is EEE Full Disk Encryption Safe Start keywords: Full Disk Encryption start initiate hard drive whole tpm transparent pin | |||
|