This is great and a hats off to Microsoft for whipping it up so fast,that being said you’ll still need the recovery key for bitlocker which is the ultimate problem; a bitlockered crowdstriked active directory server storing all of the bitlocker recovery keys.
Sounds like someone didn’t plan for the worst-case scenario…
Second-to-worst-case scenario was the best we could do at the time.
a bitlockered crowdstriked active directory server storing all of the bitlocker recovery keys.
If you didn’t make a backup of the recovery key to the master server holding all other keys that’s on you
I did make a backup. Then I put it on that other computer. That’s also blue screen.
Post-It security is best security.
This is why all my passwords are on Post-Its
It’s a PITA but you can restore a backup from last Wednesday or earlier into a VM, boot it up, and then retrieve the key for one of your regular ADCs.
Also, why are all your ADCs using BitLocker? I get that you want data encrypted at rest but why not use your RAID controller instead?
I’m not impacted. I’m just outlining why people are still impacted.
Crowdstrike has always been a shitty company.
They’ve never cared about making a good product, only about marketing and making things look pretty
