Importance of BitLocker While we often speak of cyber security in terms of access to privileged accounts and our organization’s systems, there is another piece of the security puzzle that is just as important...
Recently, I was approached by a good friend with a question; “How do we retrieve a list of Intune managed Windows devices that are missing the BitLocker recovery key.” In other words, they needed a way to...
How can you migrate Bitlocker to Azure AD without needing to re-encrypt or add new recovery keys to your managed devices? This article will illustrate one way to escrow (backup) the existing recovery key, using nothing...
Intune and Windows 10 supports automatic key rollover when a key has been used to unlock or recover a drive. This means the key in Azure AD will be automatically replaced with a new key after a successful recovery key...
In this, the final part of the series, we look at how the MBAM client and settings are deployed in the 2002 release of Configuration Manager. Series Links Goodbye MBAM – BitLocker Management in Configuration...
In part two of this three part series, I will run through how to customise the BitLocker Self Service portal in Configuration Manager build 2002. Series Links Goodbye MBAM – BitLocker Management in Configuration Manager...
Back in January 2019 I wrote a series on setting up and customising MBAM (), a product that was part of the Microsoft Desktop Optimisation Pack, and a product that at the time was earmarked for retirement. At the time...
At Ignite 2019 Microsoft announced BitLocker key rotation for Intune managed Windows 10 devices. It is a long awaited feature and closes the feature gaps in the cloud managed BitLocker solution. In this article we have...
For a modern workplace these days, Microsoft is enabling provisioning of devices without the need of managing the image that resides on the devices. With this new way of managing devices from a provisioning perspective...
In this, the final part of this four-part series, we will look at how to validate MBAM is escrowing keys, they are retrievable through different methods. Part 1: Installation of MBAM components Part 2: Validating IIS...