Pareto Security
Pareto Security
Pricing Contact
Start for Free

Existing customer? Login

CIS ISO NIST CSF SOC

Disk encryption is enabled

Time to fix

< 5m

What

BitLocker encrypts your entire drive, protecting your data if your device is lost or stolen. Without disk encryption, anyone with physical access to your computer can read your files.

How to enable BitLocker on Windows 11

  • Open Settings from the Start menu.
  • Go to Privacy & security > Device encryption.
  • Toggle Device encryption to On.

How to enable BitLocker on Windows 10 Pro/Enterprise

  • Open Control Panel > System and Security > BitLocker Drive Encryption.
  • Click Turn on BitLocker next to your OS drive (usually C:).
  • Choose how to back up your recovery key (Microsoft account, USB drive, file, or print).
  • Select Encrypt entire drive for maximum security.
  • Choose New encryption mode (XTS-AES) for fixed drives.
  • Click Start encrypting.

Note: Windows 10/11 Home editions support Device Encryption if the hardware meets the requirements (TPM 2.0 and Modern Standby). BitLocker with full management options requires Pro, Enterprise, or Education editions.