Mohan Jayabal’s Post

We have BitLocker! Microsoft's BitLocker is a security feature for the Windows operating system that provides drive encryption. This prevents data theft if the device is lost/stolen or tampered with in any way. The keys 😉 to success: ✔ The system receiving a BitLocker policy must have TPM 1.2 or later and Secure Boot must be enabled. (For a fuller list of reqs, see: https://lnkd.in/eRw9VGBq) 📜 We used an Endpoint Security Policy in Intune to set a basic BitLocker policy that silently deploys drive encryption. ❌ In our tests, the silent deployment failed because Secure Boot was disabled. After enabling in the UEFI settings, the encryption process kicked off silently at next boot without any user intervention. 🔐 The drive is now encrypting used space only and the recovery keys are backed up to the device object viewable in both Intune and Entra AD. 🔑 Onto configuring passwordless authentication! #Microsoft #LAPS #Entra #Intune #Autopilot #Cloud #Windows #PC #Azure #BitLocker #DriveEncryption

As you may have seen in the news, Microsoft has had major worldwide outages since early this morning. The good news is that Affinity-managed PCs and servers will not be affected by these issues. These issues were caused by a bug in third-party security software from a firm called CrowdStrike and only affects Windows computers and servers that also use CrowdStrike's software. Affinity does not use CrowdStrike's software, so Affinity-managed PCs and servers will not be affected. That said, third-party services hosted on Windows servers, including some cloud applications, may be impacted. CrowdStrike is working to correct the issue and have deployed fixes, so affected systems are beginning to come back online. For the latest updates on CrowdStrike's mitigation efforts, you can follow them on X (formerly Twitter).

New #Windows365 (#CloudPC) features help provide a more secure workspace We are constantly innovating to ensure that #Windows365 continues to provide a #safe environment to #securely stream your #personalized #Windows #desktop, #apps, settings, and #content from the Microsoft Cloud to any device. Windows 365 provides #security in various layers—#identity, #access, and #data—when employees use their Cloud PCs. Existing capabilities like Conditional Access policies help protect user identities and ensure that Cloud PCs are accessed securely from any device. Single sign-on (#SSO), In-session #passwordless authentication, Faster #reauthentication, #MobileApplicationManagement (#MAM), Traceable #watermarking and #screencaptureprotection, Microsoft #Purview Customer Key, Microsoft Purview forensic evidence, #Unidirectional clipboard redirection. Have a suggestion for a new feature or functionality? Post your ideas in the Windows 365 feature requests board, here: https://lnkd.in/dF3WBMkm Read newly added and upcoming features: https://lnkd.in/dtF4p9Re

SUMMARY: A Microsoft Windows 365 Cloud PC issue left users' systems stuck in a restart loop following a CrowdStrike update. MAIN POINTS: - The issue was triggered by a recent CrowdStrike Falcon update. - Microsoft and CrowdStrike collaborated to investigate and resolve the problem. - Affected users experienced their Cloud PCs repeatedly restarting. TAKEAWAYS: - Users should update their systems regularly for stability. - Collaborations between companies help address and resolve software conflicts quickly. - Staying informed about software updates is crucial. #Microsoft #CrowdStrike #Windows365 #cybersecuritynews

How to recover your Windows hosts impacted by a recent CrowdStrike Falcon sensor? The first solution involves restarting the host and potentially switching to a wired network connection. If the system continues to crash, users can boot into Safe Mode or the Windows Recovery Environment and delete a specific file named "C-00000291.sys"*. The asterisk (*) indicates that there might be variations in the file name suffix, but it will always start with "C-00000291". For public cloud or similar environments, CrowdStrike recommends detaching the operating system disk volume from the impacted virtual server, creating a snapshot, attaching the volume to a new virtual server, deleting the problematic file, and then reattaching the volume to the original server. Alternatively, users can roll back to a snapshot created before a specific date. Recovery options for BitLocker-encrypted hosts Scenario 1: Recovery Key readily available Booting the system normally: If you have your BitLocker recovery key readily available, you might be able to boot the system normally and then proceed with the steps mentioned for non-BitLocker encrypted systems. This would involve deleting the "C-00000291.sys"* file as described earlier. Scenario 2: Recovery Key unavailable Locating the Recovery Key: If you don't have your BitLocker recovery key readily available, you'll need to locate it before proceeding. The recovery key might be stored in your Microsoft account, saved on a separate drive, or provided by your IT administrator. Accessing the Drive with the Recovery Key: Once you have the recovery key, you might need to access a specific boot menu or recovery environment to enter the key and unlock the BitLocker-encrypted drive. This process can vary depending on your Windows version and how BitLocker was originally set up. https://lnkd.in/gi7ppZ4b

Many of the news outlets talking about the issue being #Microsoft is wrong, the problem affects Microsoft windows operating systems on servers and laptops/desktops. Its a problem with the #Falcon agent update that was released by the security vendor #crowdstrike, and before we all start switching vendors, its could have happened to any of the big security players. The most important thing if your affected it to take the right remedial action so this doesn't impact you systems and users further. For users its going to be using the #bitlocker key to get into the rebooting laptop or desktop or if you don't know them maybe its a full reinstall for each laptop or desktop. Vissensa | Forward Thinking IT's private cloud platforms did experience some disruption at 4am this morning but our service team mitigated the problem and our clients are fully operational. Read more here: https://lnkd.in/edYAuuT4

WHY CAN'T MICROSOFT MAKE THE WINDOWS OS SECURE? HOW DID CROWDSTRIKE SCREW UP KERNEL API ACCESS? Answer: Don't blame Microsoft for this outage fiasco. Blame EU regulations. Microsoft agreed back in 2009 with the European Commission that it would give makers of security software the same level of access to Windows that Microsoft gets. This decision means security software vendors have a greater ability to muck up systems as CrowdStrike did this week when it crippled 8.5 million Windows PCs worldwide. The agreement states that Microsoft is obligated to make available its APIs in its Windows Client and Server operating systems that are used by its security products to third-party security software makers. The document says that Microsoft has to also document the APIs on the Microsoft Developer Network except where they create security risks. Giving security software vendors access to these APIs, while good for a level playing field, which is what the EU was concerned about, it's not great for security as we saw this week when CrowdStrike knocked very important machines offline causing chaos worldwide. Read the EU agreement with Microsoft: https://lnkd.in/evrYRsQS

#AzureDaily 🚨Microsoft announces deprecation of weak RSA certificates for #TLS server authentication! This change, starting Sep 2022, enhances security and reliability for #Windows users. Time to replace 1,024-bit RSA certs and less with stronger certs! 🔒💻 #AzureCloud #MicrosoftSecurity

Streamlining the BitLocker Recovery Process: Best Practices and Tips If you have ever encountered issues accessing your encrypted data on Windows devices, you may have come across the BitLocker recovery process. But what exactly is this process, and why is it necessary? We will explore the common reasons for needing BitLocker recovery, how it works, and the different recovery options available. We will also discuss the steps to perform BitLocker recovery, common issues faced, and ways to refine the recovery process for a smoother experience. Let’s dive in and unravel the mysteries of BitLocker recovery! What Is BitLocker Recovery Process? The BitLocker Recovery Process is a crucial aspect of […] https://lnkd.in/ezuFpmqa #serviceproviders #soc #mssp #vars #datto #dattocon #connectwise #connectwiseautomate #Labtech #RMM #RMMsecuritytool #RMMtool #security #msp #mspartners #mspartner #mspsales #mspmarketing #msp500 #managedhosting #managedcloud #managedsecurity #msp501 #msps #managedservices #manageditsolutions #manageditservices #manageditsupport #managedit #managedserviceprovider #managedservicesprovider #managedservice #managedserviceproviders #manageditservice

🔵 Windows Server 2012 & 2012 R2: End of Support Alert! 🔵 In the ever-evolving world of IT infrastructure, staying updated is paramount. Microsoft's Windows Server 2012 & 2012 R2 have been reliable workhorses, but they've reached their support end on Oct 10, 2023. 🔐 Security at Risk: No more security updates mean potential vulnerabilities. 🐞 No Bug Fixes: Operational efficiency takes a hit without non-security updates and bug fixes. 💼 Technical Support: Microsoft won't provide tech support or updates related to these versions. What's Next? 1️⃣ Extended Security Updates (ESUs): Get up to 3 more years of security updates, free on Azure or paid for on-premises. 2️⃣ Migrate to Azure: Move to Azure cloud and enjoy free Extended Security Updates, plus Azure Hybrid Benefit. 3️⃣ On-Premises Options: Upgrade to Windows Server 2022 or purchase ESUs for Windows Server 2012. Plan ahead and keep your systems secure and efficient. Need guidance? Reach out to Ardent Consulting for expert advice. Details: https://buff.ly/3QJ0T13 #WindowsServer #EndOfSupport #ITInfrastructure #CloudMigration