AppTec360 Enterprise Mobility Management (EMM) is not only suitable for managing mobile devices but also PCs. For PCs, the...
Tag Archive for: encryption
4sysops - The online community for SysAdmins and DevOps
Save and access the BitLocker recovery key in the Microsoft account

Microsoft offers several options for storing the recovery key when activating BitLocker. Traditionally, you could print it out or...
Find Active Directory accounts configured for DES and RC4 Kerberos encryption

While DES has long been considered insecure, CVE-2022-37966 accelerates the departure of RC4 for the encryption of Kerberos tickets....
Encrypt email in Outlook with Microsoft 365

A support ticket came in recently, in which a client asked whether they needed to upgrade their Microsoft 365...
Enable TLS on SQL Server

Secure Socket Layer (SSL) and Transport Layer Security (TLS, which builds on the now deprecated SSL protocol) allow you...
Common BitLocker errors

In my previous post, I explained how to enable BitLocker with PowerShell and how to unlock, suspend, resume, and...
Enable BitLocker for Windows 10 and Windows 11 with Intune on multiple computers

This post explains how you can enable BitLocker for Windows 10 and Windows 11 with Intune on multiple computers...
Enable BitLocker with PowerShell

BitLocker is a volume encryption technology that was first introduced in Windows Vista and Windows Server 2008. Like other...
Restore BitLocker-encrypted drives from image backup

In this guide, I'll take a closer look at the process of restoring a BitLocker-encrypted drive from an image...
Encrypt Microsoft 365 email

Customers using Exchange Online can take advantage of Microsoft Office 365 Message Encryption (Microsoft OME) as an online service...
How to migrate Active Directory Certificate Services to SHA-2 and Key Storage Provider

Businesses need to migrate from the deprecated SHA-1 to SHA-2 to bolster their cybersecurity posture. They may still be...
Migrating AD certificate services to SHA-2: Considerations and challenges

Secure Hash Algorithm (SHA) has been around since the mid-90s and is one of the leading cryptographic hash algorithms...
Provide strong Windows authentication using virtual smart cards

Virtual smart cards provide the benefits of physical smart cards without extra costs or hardware. They are based on...
Manage encrypted PCs remotely using BitLocker Network Unlock

TPM+PIN decryption with BitLocker requires physical access to the device when the endpoint boots or resumes from sleep. This...
OpenVPN IPv6 and IPv4 configuration

OpenVPN is a free, popular, and powerful VPN solution. In this guide, I describe a minimal IPv6 and IPv4...
ManageEngine PAM360: Privileged access management for enterprises

ManageEngine PAM360 is an enterprise solution that allows businesses to gain control over privileged access management in their environment....
Unlock BitLocker drives using recovery agents

If a user can no longer access an encrypted drive, for example because they have forgotten the password, then...
Issue certificates for BitLocker recovery agents

BitLocker supports several mechanisms to unlock an encrypted drive. These include recovery agents, whose certificate can be used to...
Use OpenSSL-based software XCA as offline root certificate authority for AD Certificate Services

When Active Directory Certificate Services are deployed, Microsoft recommends at least a two-tier infrastructure, comprising a root CA and...
BitLocker To Go: USB drive cannot be encrypted

If you want to encrypt a USB drive with BitLocker To Go, it might happen that the command to...