encryption – 4sysops

Selecting the volumes for a backup with Snapshot

+

Restore BitLocker-encrypted drives from image backup

Welf Alberts Thu, May 19 2022 encryption, security, windows 0

In this guide, I'll take a closer look at the process of restoring a BitLocker-encrypted drive from an image...

Creating a new mail flow rule to apply Microsoft Office 365 Message Encryption

+

Microsoft Office 365 Message Encryption: Encrypt email in Microsoft 365

Brandon Lee Mon, Apr 11 2022 cloud computing, encryption, office365, security 0

Customers using Exchange Online can take advantage of Microsoft Office 365 Message Encryption (Microsoft OME) as an online service...

They contain the certificate hash and provider details

+

How to migrate Active Directory Certificate Services to SHA-2 and Key Storage Provider

Brandon Lee Mon, Aug 9 2021 active directory, encryption, security 0

Businesses need to migrate from the deprecated SHA-1 to SHA-2 to bolster their cybersecurity posture. They may still be...

Confirming the provider and hash algorithm in AD CS

+

Migrating AD certificate services to SHA-2: Considerations and challenges

Brandon Lee Thu, Aug 5 2021 encryption, security 2

Secure Hash Algorithm (SHA) has been around since the mid-90s and is one of the leading cryptographic hash algorithms...

+

Provide strong Windows authentication using virtual smart cards

Brandon Lee Mon, Aug 2 2021 encryption, security 1

Virtual smart cards provide the benefits of physical smart cards without extra costs or hardware. They are based on...

Require additional authentication at startup

+

Manage encrypted PCs remotely using BitLocker Network Unlock

Brandon Lee Mon, Jul 19 2021 encryption, security 2

TPM+PIN decryption with BitLocker requires physical access to the device when the endpoint boots or resumes from sleep. This...

Testing OpenVPN with traceroute and traceroute6

+

OpenVPN IPv6 and IPv4 configuration

Michael Pietroforte Mon, Mar 1 2021 encryption, networking, security 8

OpenVPN is a free, popular, and powerful VPN solution. In this guide, I describe a minimal IPv6 and IPv4...

+

ManageEngine PAM360: Privileged access management for enterprises

Brandon Lee Tue, Feb 23 2021 encryption, password, security 0

ManageEngine PAM360 is an enterprise solution that allows businesses to gain control over privileged access management in their environment....

Adding public key for a recovery agent in the GPO editor

+

Unlock BitLocker drives using recovery agents

Wolfgang Sommergut Mon, Feb 15 2021 bitlocker, encryption, security 0

If a user can no longer access an encrypted drive, for example because they have forgotten the password, then...

+

Issue certificates for BitLocker recovery agents

Wolfgang Sommergut Mon, Feb 8 2021 bitlocker, encryption, security 0

BitLocker supports several mechanisms to unlock an encrypted drive. These include recovery agents, whose certificate can be used to...

+

Use OpenSSL-based software XCA as offline root certificate authority for AD Certificate Services

Riccardo Bicelli Wed, Jan 27 2021 encryption, security, web server 6

When Active Directory Certificate Services are deployed, Microsoft recommends at least a two-tier infrastructure, comprising a root CA and...

When the GUI option is missing the encryption cannot usually be activated via PowerShell either

+

BitLocker To Go: USB drive cannot be encrypted

Wolfgang Sommergut Mon, Dec 28 2020 bitlocker, encryption, security 1

If you want to encrypt a USB drive with BitLocker To Go, it might happen that the command to...

By default, users can encrypt USB drives themselves with BitLocker

+

BitLocker To Go: Configure USB drive encryption with Group Policy

Wolfgang Sommergut Mon, Dec 21 2020 bitlocker, encryption, security 6

If companies want to prevent data leakage, then they should pay special attention to removable drives. If a USB...

+

Encrypt in AWS using the Key Management Service (KMS)

Graham Beer Wed, Oct 28 2020 AWS, cloud computing, encryption, security 0

The AWS Key Management Service (KMS) allows you to create and manage cryptographic keys that you can use across...

GPO setting to backup recovery keys for system drives in Active Directory

+

Store and Retrieve BitLocker Recovery Keys from Active Directory

Roland Eich Fri, Jan 17 2020 active directory, encryption, group policy, security 1

Encrypting drives with BitLocker is essential for protecting Windows notebooks against theft and misuse of data. However, if users...

Simple application of Protect CmsMessage and Unprotect CmsMessage

+

Encrypt event logs and files with PowerShell and group policies

Wolfgang Sommergut Mon, Nov 25 2019 encryption, group policy, log management, powershell, security 3

A new feature of Windows 10 and Server 2016 is Protected Event Logging, which encrypts sensitive data in the...

Document encryption is added to the application policies

+

Issuing certificates for document encryption (Cryptographic Message Syntax)

Wolfgang Sommergut Thu, Nov 21 2019 encryption, security, windows 10 0

Beginning with version 5, PowerShell supports the IETF standard Cryptographic Message Syntax (CMS) to encrypt data or log entries....

Selecting the template to be issued by the certificate authority

+

Solution for “The requested certificate template is not supported by this CA”

Wolfgang Sommergut Wed, Nov 20 2019 encryption, security 0

Sometimes you need to create your own template for requesting certificates from a Windows CA, e.g., for encrypting or...

+

Specops Key Recovery: Self-service for unlocking BitLocker-encrypted devices

Robert Pearman Thu, Oct 24 2019 encryption, security 0

Specops Key Recovery (SKR) is a self-service solution for unlocking devices encrypted with BitLocker or Symantec Endpoint Encryption in...

Displaying the thumbprint of the new certificate with PowerShell

+

Install an SSL certificate in Windows Admin Center

Wolfgang Sommergut Tue, Sep 17 2019 encryption, security 7

If you install Windows Admin Center (WAC) in gateway mode, the browser should communicate with the server via a...