7480 with Liteon SED, How to Enable Hardware Bitlocker Encryption? - Dell DSS - Security - Dell Community

7480 with Liteon SED, How to Enable Hardware Bitlocker Encryption?

Security

Security
All things Dell Security related

7480 with Liteon SED, How to Enable Hardware Bitlocker Encryption?

  • I have a brand new 7480 with a Liteon CV3 OPAL2 Self Encrypting Drive.

    Windows 10 Pro was preinstalled and Bitlocker was already turned on after the initial Windows 10 setup, but I can tell that it's only using Software encryption. Bitlocker via software decryption works fine.

    How do I turn on Hardware decryption to take advantage of my SED?

  • Hello There decker12!

    Thanks for contacting us via our forums.  In order to take advantage of your SED device you will need security software to setup management of the drive.  We have our Dell Data Security products that can do this or you can use software provided by a 3rd party vendor.  

    If you have have the Dell factory OS image on your device you should have a application installed called Dell Digital Delivery which gives you access to any purchased software you made when buying your 7480.  You can use that software to pull down Dell Data Security if that was purchased along with your laptop.

    If you have put a new OS image on the device you can install the Dell Digital Delivery software again via the link below.  Once installed it will use the service tag from your BIOS to sync up and get your digital purchases back onto your PC.

    www.dell.com/.../dell-digital-delivery

    If this helps resolve your issue or you need further assistance please let me know.

    Best Regards,

    Best Regards,

    Stephen O

    Senior Principal Engineer, Support & Delivery Services

    Dell Data Security

    Need Immediate help? Please call DDS Support @ +1.877.459.7304 Ext. 4310039

  • We do not have Dell Data Security with our new laptops, nor do we particularly want it as we've used DDP in the past and found it to be cumbersome to setup, difficult for the end users, lacking in documentation, and it's mysteriously bricked several hard drives (through no fault of my own or the users) while using it. The Dell security suite, whether they are fingerprint based, or handle the SED, I genuinely would not recommend to anyone. They were a nightmare.

    We would like to use the built in Bitlocker encryption provided with Windows 10, except instead of it using software encryption, we want it to use the SED.

    If I had a Samsung drive there are clear instructions on how to use the Samsung drive utilities to enable the SED, but there doesn't appear to be any tool to enable the hardware features of a Liteon SED. That's what I'd like to use.

  • I've looked into the Bitlocker via SED several times in the past for my own education but never found anything concrete on how you can make it work.  This time I was able to find the below article and it appears if you want to use Bitlocker and hardware level encryption it needs to be a eDrive.  Below is a excerpt from the Microsoft article.

    "Self-Encrypting Hard Drives and Encrypted Hard Drives for Windows are not the same type of device. Encrypted Hard Drives for Windows require compliance for specific TCG protocols as well as IEEE 1667 compliance; Self-Encrypting Hard Drives do not have these requirements. It is important to confirm the device type is an Encrypted Hard Drive for Windows when planning for deployment."

    technet.microsoft.com/.../hh831627.aspx

    Best Regards,

    Stephen O

    Senior Principal Engineer, Support & Delivery Services

    Dell Data Security

    Need Immediate help? Please call DDS Support @ +1.877.459.7304 Ext. 4310039

  • Thanks for your help. I've come to the conclusion as well that it doesn't seem to be something we can make work without using third party software. Seeing as we'll be using Bitlocker as software encryption, safe to say we can stop ordering SEDs with our laptops and just order regular M2 SSDs.

    Good news is that Bitlocker software encryption so far isn't much of a CPU drain, and it encrypts as well as our Macs using Filevault 2.

    Thanks for the confirmation, it's been something that I've tried to make work with Windows 7, and now that we're upgrading to Windows 10 I can see that it's not something we should dump resources into figuring out.