Question from Denise: I recently started a new job and the IT folks said I can connect my personal laptop to their network but only if it has something called Secure Boot enabled?
Can you tell me what that is and how to check to see if its enabled?
And if it isn’t enabled, can you tell me how to enable it?
If it matters my laptop has Windows 10 on it.
Rick’s answer: Denise, Secure Boot is a setting in your PC’s BIOS/UEFI firmware settings that basically instructs the machine to boot only if Windows and its related boot software is trusted by the computer’s manufacturer.
In a nutshell, the purpose of Secure Boot is to prevent a rootkit or other type of malicious software from infecting and taking over the machine before it even has a chance to boot up into Windows.
Luckily, it’s very easy to check to see if Secure Boot is enabled on your Windows 10 laptop. Just follow the steps below:
1 – Click the Start button and then type msinfo.
2 – Press the Enter key. You should now see the System Information page displayed on the screen.
3 – In the right-hand pane, find the line labeled Bios Mode and check to make sure it says UEFI. It probably will since the machine is running Windows 10.
4 – Also in the right-hand pane, find the line labeled Secure Boot State and check its status. If it says On then Secure Boot is enabled on your laptop. If it says Off then it isn’t.
If you discovered that the BIOS Mode is not set to UEFI you won’t be allowed to enable Secure Boot.
If that’s the case I strongly recommend having a PC Tech switch the machine to UEFI mode and enable Secure Boot for you in order to prevent potential issues from arising (and they very well could).
A qualified tech will be able to check your PC’s hardware and software configuration to make sure it’s capable of running with Secure Boot enabled.
If the BIOS Mode is currently set to UEFI but Secure Boot is disabled you can try enabling Secure Boot yourself. Just be aware that if things go awry you might end up having to take the laptop to a repair shop to have it straightened out.
Note: If you take your laptop to someone in your company’s IT department they should be able to help you with this unless they have a policy against working with employee-owned equipment. It’s definitely worth a try.
If you feel comfortable with trying to enable Secure Boot yourself you can do so by following the steps below:
1 – While holding down the Shift key, right-click on the Start button and click Restart.
2 – Click Troubleshoot.
3 – Click Advanced Options.
4 – Click UEFI Firmware Settings.
5 – Once you’re on the UEFI Firmware Settings screen find the Secure Boot setting.
Note: Depending on the brand and model of your laptop you’ll find Secure Boot in either the Security tab, the Boot tab, or the Authentication tab.
6 – Toggle the Secure Boot setting to Enabled.
7 – Click Save changes and then exit.
That’s all there is to it. If all goes well your laptop should now boot up into Windows with Secure Boot enabled. You can verify that by repeating the procedure outlined in the previous section.
If your PC refuses to boot back into Windows you’ll probably need to have a qualified PC Tech get things straightened back out for you.
I hope this helps, Denise. Good luck!
Update from Denise: I followed the steps you gave for checking to see if Secure Boot is already enabled and I found out that it is. Thanks for helping me with this!