Читать книгу Windows 11 All-in-One For Dummies - Ciprian Adrian Rusen - Страница 52

BitLocker was introduced in Windows Vista and has been improved since. BitLocker runs underneath Windows: It starts before the operating system starts. The Windows partition on a BitLocker-protected drive is completely encrypted, so bad guys who try to get to the file system can’t find it.

Encrypting File System (EFS) is a method for encrypting individual files or groups of files on a hard drive. EFS starts after Windows boots: It runs as a program under Windows, which means it can leave traces of itself and the data that’s being encrypted in temporary Windows places that may be sniffed by malicious programs. The Windows directory isn’t encrypted by EFS, so bad people who can get access to the directory can hammer it with brute-force password attacks. Widely available tools can hack EFS if the cracker can reboot the computer that is attacking. Thus, for example, EFS can’t protect the hard drive on a stolen laptop or notebook. Windows has supported EFS since Windows 2000.

EFS and BitLocker are complementary technologies: BitLocker provides coarse all-or-nothing protection for an entire drive. EFS lets you encrypt specific files or groups of files. Used together, they can be hard to crack.

There’s also BitLocker To Go, which provides BitLocker-style protection to removable drives, including USB drives. You should use it when storing important data on your USB drives.

That leaves you with Windows 11 Home, unless you have the need to do one of the following:

 Connect to a corporate network. If your company doesn’t give you a copy of Windows 11 Enterprise, you need to spend the extra bucks and buy Windows 11 Pro.

 Play the role of the host in a Remote Desktop interaction. If you’re stuck with Remote Desktop, you must buy Windows 11 Pro.Note that you can use Remote Assistance any time, on any Windows PC. (See Book 7, Chapter 3.) The Windows 11 Pro restriction is specifically for Remote Desktop, which is commonly used inside companies but not that much by other types of users. Many business users find that TeamViewer, a free alternative to Remote Desktop, does everything they need and that Remote Desktop amounts to overkill. TeamViewer lets you access and control your home or office PC from any place that has an internet connection. Look at its website, www.teamviewer.com.

 Provide added security to protect your data from prying eyes or to keep your notebook’s data safe even if the notebook is stolen. Start by determining whether you need Encrypting File System (EFS), BitLocker, or both (see the BitLocker sidebar). Windows 11 Pro has EFS and BitLocker — with BitLocker To Go tossed in for even more protection.

 Run Hyper-V. Some people can benefit from running virtual machines inside Windows 11. If you absolutely must get an old Windows 7 program to cooperate, for example, running Hyper-V with a licensed copy of Windows 7 may be the best choice. For most people, virtual machines are an interesting toy but not much more.