Bitlocker - Missing Key Protectors

Summary

The monitor set detects computers where Bitlocker is enabled and the drive is fully encrypted but does not have any key protectors.

It works based on the data gathered by the SEC - Encryption - Script - Bitlocker - Audit script. Therefore, the SEC - Encryption - Script - Bitlocker - Audit script should be running regularly in the partner’s environment.

The script can be scheduled from a group, or it can be scheduled from the CWM - Automate - Internal Monitor - ProVal - Production - Security - Stale Bitlocker Data monitor set.

Dependencies

• SEC - Encryption - Script - Bitlocker - Audit
• SEC - Encryption - Script - Bitlocker - Volume - Add Recovery Password [Autofix]

Target

Global

Alert Template

Name: △ Custom - Execute Script - Bitlocker - Volume - Add Recovery Password

The script SEC - Encryption - Script - Bitlocker - Volume - Add Recovery Password [Autofix] should be imported before creating or importing the alert template, as the alert template should run this.