In the past I used VeraCrypt. When I booted the work laptop, it required the password to decrypt the drive and boot.
Now I have BitLocker / Win 10 and the weird thing is it doesn’t require a password.
So by the time the computer has booted, the drive is likely decrypted and filesystem accessible internally. I’m using the usual password/pin/fingerprint methods to log in. The same applies to all company laptops, we only use laptops and there are a few.
Some are taken on the road just like mine. Others left at firm but hey, a theft is always possible despite alarms etc.
Is there something I need to do to increase security with BitLocker? I don’t mind entering yet a password if that is needed.
Attack scenario – laptop is lost and someone would be able to access company data if the drive is already decrypted and data might be accessible through hardware methods – connecting to it internally or anything in the line.
Note, it’s a modern laptop 11 Gen Intel if anything in the boot sequence /security matters as hardware.
TIA for any advice!