In fact, BitLocker recovery key call requests became the second most common type of call! Helpdesk always had to be staffed and prepared to support our employees, globally. Over time, BitLocker recovery key calls consumed a lot of Helpdesk tickets and resource bandwidth. They had to use valuable time to call Helpdesk, verify their identity and credentials, and work with the Helpdesk technician to access the recovery key on their behalf. Typically armed with just their laptop and their phone, productivity effectively ground to a halt. For example, a field-based sales employee might stay at a hotel where they couldn’t use a VPN or Direct Access connection to reach the corporate network. Remote solution neededĮven with the portal in place, it was still challenging for some of our remote workers. Because most Microsoft devices connect to on-premises Active Directory, the portal must also reside on‑premises or in a private cloud. Unlike the hassle of calling Helpdesk, the portal process is quick-typically five minutes-but it does require corporate connectivity. We used Microsoft BitLocker Administration and Monitoring (MBAM), which provides enterprise management capabilities for BitLocker, to create a self-service BitLocker recovery key portal. Our employees needed to be able to access their own BitLocker recovery key without the hassle of calling Helpdesk. The employee would have to authenticate themselves to Helpdesk and the Helpdesk technician would recover the key on the employee’s behalf. These calls typically lasted about an hour, resulted in lost productivity, and tied up the Helpdesk technician. Previously, if our employees didn’t know their BitLocker recovery key, they would have to call Helpdesk. In all of these situations, you can’t use your computer without a BitLocker recovery key. They include hardware issues, operating system upgrades, or failed BIOS updates. Outside of a theft scenario, there are a variety of reasons that a BitLocker recovery key might be needed. The feature helps protect not only data, but also personal information and access to corporate networks. If a security condition is detected, BitLocker locks the operating system drive and requires a unique BitLocker recovery key to unlock it. Microsoft Digital uses BitLocker-the Windows operating system disk encryption and data protection feature-for both hardware enforcement and data protection. Now all employees can retrieve a single-use BitLocker recovery key in just a few minutes. It extends the portal to any Internet-enabled phone or device. To help our remote employees, we created a companion web app using Azure Active Directory Application Proxy. Microsoft Digital created a self-service portal that reduced Helpdesk calls-but remote staff couldn’t access it without a corporate network connection. To get a BitLocker recovery key, Microsoft employees were spending up to an hour with Helpdesk. This content has been archived, and while it was correct at time of publication, it may no longer be accurate or reflect the current situation at Microsoft.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |