In this article, you will learn how to deploy and manage BitLocker Drive Encryption on Windows Server 2012 and later versions.
What is BitLocker?
BitLocker is a Windows data protection feature that allows you to encrypt the disk and protect the data from theft or unauthorized access. BitLocker has been installed by default in the Windows client operating system since Windows Vista. To use BitLocker on the Windows Server operating system, however, you must install the BitLocker Drive Encryption feature from Server Manager.
BitLocker requires Trusted Platform Module (TPM) version 1.2 or later. If the TPM is not enabled, you can enable it in the UEFI firmware settings.
Deploy BitLocker on Windows Server
Go to Server Manager
Select Manage, and then select Add Roles and Features
Click Next
Select the Installation Type, then Click Next
Select the Destination Server and Click Next
Configuring BitLocker encryption does not require any server role.
Click Next
In Features, select BitLocker Drive Encryption and add the features that are required for BitLocker Drive Encryption.
Then Select Next
Select to restart the destination server automatically if required
And then select Yes
Then Click Install
Once BitLocker Drive Encryption is installed, the server will restart automatically.
Manage BitLocker Drive Encryption
BitLocker Drive Encryption is now available in Windows Server 2022
Go to Control Panel → All Control Panel Items
Then select BitLocker Drive Encryption
Now you can turn on BitLocker for the data drives
Choose how to unlock your drive at startup
Select Enter a password
Create your password to unlock this drive
Then Click Next.
Select how you want to back up your recovery key
Select Save to a file
Go to the directory where you want to save your recovery key
Then Click Save
After selecting the directory to store the recovery key file, click Next.
Choose how much of your drive to encrypt
In my case, I select Encrypt disk space only
Then select Next
Select the encryption mode to use
In my case, I select New encryption mode
Then Select Next
If you want to check your system for the BitLocker recovery and encryption keys, you must restart the Windows Server operating system.
Then select Start encryption to encrypt the drive
Encryption completes successfully
You have to restart the server to test BitLocker data encryption for the operating system drive.
Then you have to enter the password at startup to boot the operating system.
Then press Enter to continue.
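
The same deployment scripted in PowerShell, as an added example that is not part of the original article. It mirrors the wizard choices above (password unlock, recovery key saved to a file, used space only, new encryption mode) and then verifies the result. The data volume D: and the folder E:\RecoveryKeys are assumptions chosen for illustration.

```powershell
# Added example: scripted equivalent of the wizard steps. Run in an elevated session.
# Assumptions (not from the article): data volume D:, recovery folder E:\RecoveryKeys.
$MountPoint  = 'D:'
$RecoveryDir = 'E:\RecoveryKeys'   # must not be on the volume being encrypted

# 1. Install the feature. The server restarts if required; rerun the script afterwards.
if (-not (Get-WindowsFeature -Name BitLocker).Installed) {
    Install-WindowsFeature -Name BitLocker -IncludeAllSubFeature -IncludeManagementTools -Restart
    return
}

# 2. Report the TPM state mentioned in the article.
Get-Tpm | Select-Object TpmPresent, TpmReady

# 3. Stop if the volume is already encrypted or the key would land on the same volume.
$vol = Get-BitLockerVolume -MountPoint $MountPoint
if ($vol.VolumeStatus -ne 'FullyDecrypted') {
    Write-Warning "$MountPoint is already $($vol.VolumeStatus); nothing to do."
    return
}
if ((Split-Path -Qualifier $RecoveryDir) -eq $MountPoint) {
    throw 'Store the recovery key on a different volume than the one being encrypted.'
}

# 4. Password protector, used space only, XTS-AES ("new encryption mode").
#    XtsAes128 needs Windows Server 2016 or later; older releases use Aes128.
$pw = Read-Host -AsSecureString -Prompt "Unlock password for $MountPoint"
Enable-BitLocker -MountPoint $MountPoint -PasswordProtector -Password $pw `
    -UsedSpaceOnly -EncryptionMethod XtsAes128 | Out-Null

# 5. Add a recovery password and write it to a file ("Save to a file" in the wizard).
Add-BitLockerKeyProtector -MountPoint $MountPoint -RecoveryPasswordProtector | Out-Null
$rp = (Get-BitLockerVolume -MountPoint $MountPoint).KeyProtector |
    Where-Object KeyProtectorType -eq 'RecoveryPassword'
$file = Join-Path $RecoveryDir "BitLocker-$($MountPoint.TrimEnd(':'))-recovery.txt"
$rp.RecoveryPassword | Out-File -FilePath $file -Encoding ascii

# 6. Verify: ProtectionStatus should read On once VolumeStatus is FullyEncrypted.
Get-BitLockerVolume -MountPoint $MountPoint |
    Select-Object MountPoint, VolumeStatus, EncryptionMethod, EncryptionPercentage, ProtectionStatus
```

The recovery file unlocks the volume on its own, so restrict access to the folder it is written to.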