You can configure various settings for BitLocker using group policies, but this doesn't initiate encryption. Similarly, it doesn't create...
Tag Archive for: encryption
4sysops - The online community for SysAdmins and DevOps
Encrypt Kubernetes Secrets at rest

In a previous post, you learned that Kubernetes Secrets are not really secure by default; that is, they are...
The permissions on the certificate template do not allow the current user to enroll for this type of certificate

When requesting an SSL certificate from Active Directory Certificate Services, the process may fail due to a lack of...
Export certificate as CER, DER, P7B, or PFX

When transferring a certificate to another computer, it is common practice to export it from the cert store and...
TPM, PIN, Passwords, and SID: Managing BitLocker Key Protectors

BitLocker uses symmetric encryption methods to encrypt drives. The key used for this is protected by two encryption layers....
Secure BitLocker key with a PIN

By default, BitLocker is configured to release the volume master key (VMK) solely through the TPM. However, this might...
Check the BitLocker status of all PCs in the network

The built-in tools for activating BitLocker do not provide a comprehensive report on the encryption status of the entire...
Avoid BitLocker recovery mode by customizing the TPM validation profile

On startup, BitLocker ensures that the configuration of a PC has not changed since encryption began. For this purpose,...
SQL Server Always Encrypted

Microsoft SQL Server Always Encrypted is a feature that protects confidential data by encrypting it at the column level....
Enable BitLocker on Windows 11 without a TPM chip

By default, Windows 11 requires a Trusted Platform Module (TPM) chip to be present on the computer. However, it...
Encrypt Dropbox and OneDrive or with the free Cryptomator

Cryptomator is a free, open-source solution that allows you to encrypt Dropbox and OneDrive using strong encryption that you...
Manage BitLocker centrally with AppTec360 EMM

AppTec360 Enterprise Mobility Management (EMM) is not only suitable for managing mobile devices but also PCs. For PCs, the...
Save and access the BitLocker recovery key in the Microsoft account

Microsoft offers several options for storing the recovery key when activating BitLocker. Traditionally, you could print it out or...
Find Active Directory accounts configured for DES and RC4 Kerberos encryption

While DES has long been considered insecure, CVE-2022-37966 accelerates the departure of RC4 for the encryption of Kerberos tickets....
Encrypt email in Outlook with Microsoft 365

A support ticket came in recently, in which a client asked whether they needed to upgrade their Microsoft 365...
Enable TLS on SQL Server

Secure Socket Layer (SSL) and Transport Layer Security (TLS, which builds on the now deprecated SSL protocol) allow you...
Common BitLocker errors

In my previous post, I explained how to enable BitLocker with PowerShell and how to unlock, suspend, resume, and...
Enable BitLocker for Windows 10 and Windows 11 with Intune on multiple computers

This post explains how you can enable BitLocker for Windows 10 and Windows 11 with Intune on multiple computers...
Enable BitLocker with PowerShell

BitLocker is a volume encryption technology that was first introduced in Windows Vista and Windows Server 2008. Like other...
Restore BitLocker-encrypted drives from image backup

In this guide, I'll take a closer look at the process of restoring a BitLocker-encrypted drive from an image...