This is great and a hats off to Microsoft for whipping it up so fast,that being said you’ll still need the recovery key for bitlocker which is the ultimate problem; a bitlockered crowdstriked active directory server storing all of the bitlocker recovery keys.
a bitlockered crowdstriked active directory server storing all of the bitlocker recovery keys.
If you didn’t make a backup of the recovery key to the master server holding all other keys that’s on you
I did make a backup. Then I put it on that other computer. That’s also blue screen.
Post-It security is best security.
This is why all my passwords are on Post-Its
It’s a PITA but you can restore a backup from last Wednesday or earlier into a VM, boot it up, and then retrieve the key for one of your regular ADCs.
Also, why are all your ADCs using BitLocker? I get that you want data encrypted at rest but why not use your RAID controller instead?
Sounds like someone didn’t plan for the worst-case scenario…
Second-to-worst-case scenario was the best we could do at the time.
Crowdstrike has always been a shitty company.
They’ve never cared about making a good product, only about marketing and making things look pretty
