encryption – 4sysops

Activate BitLocker and create a TPMandPIN protector simultaneously the recovery key already exists

Activate BitLocker with manage-bde, PowerShell, or WMI

Wolfgang Sommergut Wed, Sep 20 2023 bitlocker, security, powershell, encryption 2

You can configure various settings for BitLocker using group policies, but this doesn't initiate encryption. Similarly, it doesn't create...

Understanding how secrets are stored with and without encryption

+

Encrypt Kubernetes Secrets at rest

Surender Kumar Mon, Aug 28 2023 kubernetes, devops, security, encryption 0

In a previous post, you learned that Kubernetes Secrets are not really secure by default; that is, they are...

After the permission is assigned to the local computer the template will appear in the CSR wizard

+

The permissions on the certificate template do not allow the current user to enroll for this type of certificate

Wolfgang Sommergut Thu, Aug 24 2023 security, encryption 0

When requesting an SSL certificate from Active Directory Certificate Services, the process may fail due to a lack of...

The certificate has a private key but it cannot be exported

+

Export certificate as CER, DER, P7B, or PFX

Wolfgang Sommergut Wed, Aug 16 2023 security, encryption 1

When transferring a certificate to another computer, it is common practice to export it from the cert store and...

Key protectors based on the Trusted Platform Modules TPM

+

TPM, PIN, Passwords, and SID: Managing BitLocker Key Protectors

Wolfgang Sommergut Mon, Jul 31 2023 bitlocker, security, password, encryption 0

BitLocker uses symmetric encryption methods to encrypt drives. The key used for this is protected by two encryption layers....

When activating BitLocker via the command line you must adhere to the settings in the GPO

+

Secure BitLocker key with a PIN

Wolfgang Sommergut Mon, Jul 24 2023 bitlocker, security, encryption 2

By default, BitLocker is configured to release the volume master key (VMK) solely through the TPM. However, this might...

Retrieving BitLocker status information from a remote PC using manage bde

+

Check the BitLocker status of all PCs in the network

Wolfgang Sommergut Fri, Jun 30 2023 bitlocker, security, encryption 0

The built-in tools for activating BitLocker do not provide a comprehensive report on the encryption status of the entire...

Use manage bde to display which PCRs are used for system validation

+

Avoid BitLocker recovery mode by customizing the TPM validation profile

Wolfgang Sommergut Wed, Jun 28 2023 encryption, bitlocker, security 0

On startup, BitLocker ensures that the configuration of a PC has not changed since encryption began. For this purpose,...

Viewing the SQL Server database before enabling Always Encrypted

+

SQL Server Always Encrypted

Surender Kumar Mon, Jun 19 2023 database, security, encryption 6

Microsoft SQL Server Always Encrypted is a feature that protects confidential data by encrypting it at the column level....

Require additional authentication at startup

+

Enable BitLocker on Windows 11 without a TPM chip

Jasmin Kahriman Tue, May 2 2023 bitlocker, security, encryption 0

By default, Windows 11 requires a Trusted Platform Module (TPM) chip to be present on the computer. However, it...

+

Encrypt Dropbox and OneDrive or with the free Cryptomator

Brandon Lee Tue, Apr 4 2023 security, file tools, encryption 0

Cryptomator is a free, open-source solution that allows you to encrypt Dropbox and OneDrive using strong encryption that you...

The report provides information about the encryption status of all managed Windows PCs

+

Manage BitLocker centrally with AppTec360 EMM

Andrej Radonic Thu, Feb 9 2023 bitlocker, security, deployment, encryption 0

AppTec360 Enterprise Mobility Management (EMM) is not only suitable for managing mobile devices but also PCs. For PCs, the...

Save the BitLocker key to the Microsoft account retrospectively

+

Save and access the BitLocker recovery key in the Microsoft account

Wolfgang Sommergut Tue, Jan 24 2023 encryption, bitlocker, security 0

Microsoft offers several options for storing the recovery key when activating BitLocker. Traditionally, you could print it out or...

Document status of msDS SupportedEncryptionTypes for all accounts

+

Find Active Directory accounts configured for DES and RC4 Kerberos encryption

Wolfgang Sommergut Mon, Dec 19 2022 security, active directory, encryption 3

While DES has long been considered insecure, CVE-2022-37966 accelerates the departure of RC4 for the encryption of Kerberos tickets....

Option to use encrypt email may be missing in Outlook

+

Encrypt email in Outlook with Microsoft 365

Robert Pearman Tue, Dec 6 2022 microsoft 365, cloud computing, security, encryption 1

A support ticket came in recently, in which a client asked whether they needed to upgrade their Microsoft 365...

Opening the properties of the SQL Server instance in SQL Server Configuration Manager

+

Enable TLS on SQL Server

Surender Kumar Fri, Nov 25 2022 database, security, encryption 20

Secure Socket Layer (SSL) and Transport Layer Security (TLS, which builds on the now deprecated SSL protocol) allow you...

Add a recovery password to a BitLocker volume using PowerShell

+

Common BitLocker errors

Surender Kumar Wed, Sep 14 2022 bitlocker, security, powershell, encryption 5

In my previous post, I explained how to enable BitLocker with PowerShell and how to unlock, suspend, resume, and...

+

Enable BitLocker for Windows 10 and Windows 11 with Intune on multiple computers

Kostas Tzouvaras Mon, Sep 12 2022 security, bitlocker, encryption 0

This post explains how you can enable BitLocker for Windows 10 and Windows 11 with Intune on multiple computers...

View various commands offered by the BitLocker PS module

+

Enable BitLocker with PowerShell

Surender Kumar Tue, Sep 6 2022 bitlocker, security, powershell, encryption 11

BitLocker is a volume encryption technology that was first introduced in Windows Vista and Windows Server 2008. Like other...

Selecting the volumes for a backup with Snapshot

+

Restore BitLocker-encrypted drives from image backup

Welf Alberts Thu, May 19 2022 windows, security, encryption 1

In this guide, I'll take a closer look at the process of restoring a BitLocker-encrypted drive from an image...