When planning the BitLocker recovery process, first consult the organization's current best practices for recovering sensitive information. For more information, review the article BitLocker preboot recovery screen. It's recommended to configure policy settings to customize the preboot recovery screen, for example by adding a custom message, URL, and help desk contact information. Using suspend and resume also reseals the encryption key without requiring the entry of the recovery key.īoth the Recovery password and Recovery key can be supplied by users in the Control Panel applet (for data and removable drives), or in the preboot recovery screen. Suspending BitLocker leaves the drive fully encrypted, and the administrator can quickly resume BitLocker protection after the planned task is completed. For instance, if you determine that an attacker modified a device by obtaining physical access, you can implement new security policies for tracking who has physical presence.įor planned scenarios, such as a known hardware or firmware upgrades, initiating recovery can be avoided by temporarily suspending BitLocker protection. Root cause analysis might help to prevent the problem from occurring again in the future.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |