If you have .VHD BitLocker encrypted files and would like to mount it using PowerShell:
$ss = Read-Host "Enter BitLocker Password:" -AsSecureString
Mount-VHD <path-to-VHD>\Example.VHD
#Check your disk manager which drive letter the volume is assigned to the VHD
Unlock-BitLocker -MountPoint <drive letter> -Password $ss
Showing posts with label BitLocker. Show all posts
Showing posts with label BitLocker. Show all posts
Monday, May 16, 2016
Sunday, June 22, 2014
BitLocker Day
Today is the BitLocker day. I am BitLocking my file system with BitLocker. I have a QNAP and a File Server running Windows 2012 R2. My client machines, Windows 8.1 is having mapped drives that attach to the network shares on the File Server.
To secure the files:
Firstly I have a iSCSI drive set at QNAP and my File Server is using that drive by iSCSI initiator, lets say I: drive
Secondly, I create a VHDX file and store it in the I: drive. This newly created VHDX file is then mapped as a volume, lets say G: drive.
Thirdly, I have my data stored in the G: drive and share it as necessary to be used by my Windows 8.1 client.
Lastly, I enable BitLocker on the G: drive so that the VHDX is encrypted.
By having this configuration, the actual data is stored within the VHDX file which is encrypted by BitLocker. The I: drive is not encrypted - however it only contains .VHDX file(s) that need password if you want to mount that.
I purposely do not enable BitLocker auto-mount on G: drive. This to ensure if both File Server and QNAP are stolen, my data is not exposed. The only disadvantage of this method is that I need to mount the G: drive every time the File Server is rebooted - no biggie.
To secure the files:
Firstly I have a iSCSI drive set at QNAP and my File Server is using that drive by iSCSI initiator, lets say I: drive
Secondly, I create a VHDX file and store it in the I: drive. This newly created VHDX file is then mapped as a volume, lets say G: drive.
Thirdly, I have my data stored in the G: drive and share it as necessary to be used by my Windows 8.1 client.
Lastly, I enable BitLocker on the G: drive so that the VHDX is encrypted.
By having this configuration, the actual data is stored within the VHDX file which is encrypted by BitLocker. The I: drive is not encrypted - however it only contains .VHDX file(s) that need password if you want to mount that.
I purposely do not enable BitLocker auto-mount on G: drive. This to ensure if both File Server and QNAP are stolen, my data is not exposed. The only disadvantage of this method is that I need to mount the G: drive every time the File Server is rebooted - no biggie.