How to store BitLocker keys in Active Directory

BitLocker is a fantastic way to protect the data stored on computers and thwart some offline tampering attacks. However, if you’re using BitLocker within a business environment, keeping track of the recovery keys can be quite burdensome. Thankfully Microsoft has developed a way to automatically save BitLocker recovery keys to active directory.

In this post I’m going to be going through the process, step-by-step, to enable BitLocker recovery key saving to active directory. Plus we’ll take a look at how computers that are already encrypted can retrospectively have their recovery keys backed up to active directory.

Read More

How to setup vSphere encryption

With the release of vSphere 6.5 VMware have drastically improved the state of vSphere security by implementing new features such as VM-level disk encryption, encrypted vMotion and support for the new secure boot model. Unfortunately, unlike Microsoft’s Hyper-V, VMware took the path of relying upon an entirely separate key management system for the storing of encryption keys.

In this guide I’m going to be showing you how to setup vSphere’s encryption features from scratch, suitable key management solutions, and my personal recommendations.

Read More