Turn on native encryption - Windows 10

Before you can turn on native encryption for Windows, you will need to verify a few things.

  • Your computer must have at least the following hardware specifications:
    • Processor: Intel i5 or better
    • Memory: 8GB RAM or better
    • Storage: 256GB Hard Drive (Solid State)
    • Screen size: 13" or higher
    • Connectivity: WiFi and Bluetooth
    • Expansion: USB 3 or higher
  • Backup your data.
  • Computer must be running Windows 10.
  • If your computer is running a different version of Windows, backup your data, go to ouhsc.edu/registerdevice and request encryption at the HSC campus in OKC. We will have to delete all data from the computer and install Windows 10 Education.
  • If you have an antivirus already installed (McAfee, Symantec, Avast, etc.), please uninstall it before you begin. Microsoft’s Windows Defender is allowed. If you don’t uninstall your existing antivirus, it will cause a decrease in speed of your computer and make your computer more vulnerable to viruses and malware.
  • If your computer is running Windows 10 Education, proceed below:


  1. Click the Windows start button in the lower left corner; click “Settings” (gear icon on the left).

  2. Click “System” (upper left corner)

  3. Scroll down on the left side; click “About.” scroll down on the right to “Windows specifications” and verify you’re on Windows 10 Education.

  4. Click “Settings” in the upper left corner.

  5. Click “Updates & Security”.

  6. Click “Advanced options”.

  7. Scroll down to “Choose when updates are installed;” defer feature updates for 365 days and security updates for 30 days.

  8. Scroll back up to top. Under “Update options,” turn ON updates for other Microsoft products. Under “Update notifications,” turn ON notifications for restarts (in some versions of Windows 10, notifications and options have merged to “Update Options”).

  9. Click “Settings” in the upper left corner.

  10. You should be on the “Windows Update” window. Click “Check for updates”.

  11. Updates will install and Windows will probably need to restart.

  12. Once Windows restarts, sign back in.
  13. Click the Windows start button in the lower left corner; click “Settings” (gear icon on the left).

  14. Click “Updates & Security”.

  15. Click “Check for updates”.

  16. Repeat the above update steps until the message states, “You’re up to date”.
  17. Close “Settings.”
  18. Click the Windows key in the lower left corner of your computer’s desktop; type bitlocker and then press the Enter key.

  19. In the Bitlocker Drive Encryption window, click “Turn on Bitlocker.”

  20. As Bitlocker prepares to encrypt your hard drive, you will be asked how you want to back up the recovery key. For this example, we will use a USB stick and click “Save to a file.”

  21. In File Explorer, select the USB stick on the left, then click “Save.”

  22. After the recovery key has been saved, you’ll be back at the previous window, click “Next.”

  23. When asked to choose how much of your drive to encrypt, select “Encrypt used disk space only” and click “Next.”

  24. When asked to choose an encryption mode, select “New encryption mode” and click “Next.”

  25. When asked if you’re ready to encrypt your drive, select “Run Bitlocker system check” and click “Continue.”

  26. When the check has finished, and Windows is ready to encrypt the hard drive, you’ll see a notification in the lower right corner stating you’ll need to restart the computer (If the message goes away, click on the up arrow, click on the little lock with a caution sign to see the message). Click on the message.

  27. Click “Restart now.”

  28. Once Windows restarts, sign back in.
  29. Click on the up arrow on the lower right side of the system tray and click the little lock.

  30. You’ll see a progress bar of how much the drive has been encrypted.

  31. You’ll see a message stating that your computer’s hard drive has been encrypted. Click “Close.”



Article ID: 2234
Wed 5/5/21 9:35 AM
Thu 1/5/23 3:11 PM