MX130 S2 Upgrade and Maintenance Manual 59
5 Basic software procedures
5.1 Starting the maintenance task
5.1.1 Disabling BitLocker functionality
BitLocker Drive Encryption provides protection for operating system and data
drives by encrypting the contents and requiring users to authenticate their
credentials to access the information. On the operating system drive, BitLocker
uses the compatible Trusted Platform Module (TPM) to detect if the computer's
startup process has been modified from its original state.
Disabling BitLocker Drive Encryption is a temporary method for removing
BitLocker protection without decrypting the drive Windows is installed on.
Disable BitLocker before modifying the server’s hardware configuration or
startup files. Enable BitLocker again after the maintenance procedure is
complete.
V CAUTION!
– With BitLocker features enabled, modifying the system configuration
(hardware or firmware settings) may render the system inaccessible.
The system may enter Recovery Mode and require a 48-digits
recovery password to return to normal operation.
Ensure to disable BitLocker drive encryption before maintaining the
server.
– When disabled, BitLocker uses a plain text key instead of the Trusted
Platform Module (TPM) to read encrypted files. Keep in mind that
information on this drive is not secure until BitLocker has been re-
enabled.
Ê Ask the system administrator to disable BitLocker-protection on the
operating system drive, using the BitLocker setup wizard available either
from the Control Panel or Windows Explorer:
Ê Open Bitlocker Drive Encryption by clicking the Start button, clicking
Control Panel, clicking Security, and then clicking Bitlocker Drive
Encryption.