A hard look at Windows Vista

10.11.2006

Enterprises that care about security will be pleased with the new BitLocker Drive Encryption, a hardware-based method of encrypting all data on a PC using the Advanced Encryption Standard (AES) with 128- or 256-bit keys. It's primarily designed for laptops, so that if one is stolen, a thief cannot read the data on it. Even startup and logon information is encrypted, so the laptop can't even be started. Given that nearly every week a laptop containing private information is stolen or lost, this will be welcomed by any corporation that has sensitive data.

BitLocker is designed to be used in concert with hardware that conforms to the Trusted Platform Module (TPM) specification, which uses an embedded microchip to store encryption keys. The hardware must include a version 1.2 or higher TPM and use a Trusted Computing Group (TCG)-compliant BIOS.

BitLocker can also be used with non-TPM hardware by using a USB flash drive to store an encryption key. In theory, that may be true. In our experience, though, it's not that simple to do, and some users have reported problems doing it. So enterprises should be forewarned to use BitLocker only on TPM-compatible hardware.

Reliability and performance

Windows XP and Windows 2000 both offered large reliability gains over the earlier Windows 9x/ME versions of the operating system. Windows performance, though -- which includes startup and shutdown times, application-loading speed, and the crispness with which dialogs, menus, and applets run -- has never increased appreciably. Microsoft has tried to claim performance enhancements with each successive new version, but in the real world, most of us have never seen them. In fact, you could make a case that Windows 98 was faster at some things (not startup times) than Windows 2000.