Perhaps someone here can answer this question.
I have a Windows 10 Pro laptop. It is part of an Azure AD domain, in
which InTune is being used for a variety of management functions. It
is supposed to have Bitlocker full disk encryption enabled, and the
Bitlocker key is stored in InTune.
I do not connect any cables to this laptop. I simply turn it on. I do
not manually connect it to any wireless internet source. The machine
displays a standard Windows 10 login screen. Having local admin
credentials, I log in and get full access to the machine.
What is wrong with this picture?
As I understand Win 10 Bitlocker disk encryption, I don't need to
supply pre-boot credentials if the computer can see the internet, or
if the machine has "Modern Standby" enabled. I understand the latter
to mean that the laptop has never been fully turned off since
somebody unlocked the encryption.
If I am correct, since I did not connect the laptop to any internet
source, yet I still am able to get into the machine using only the
local admin credentials, if Bitlocker full-disk encryption is
actually implemented, then the machine must be in "Modern Standby".
I don't use Windows 10 but to me this situation is analogous to
having set up full disk encryption on a Win 7 box, submitted a PIN to
get to the login screen, and then closed the lid to force hibernation
mode. If I open the lid I don't need to put in the pre-boot PIN again
but I have to log into Windows.
As I see it, if somebody steals this laptop as well as the local
admin credentials, the alleged Bitlocker "full disk encryption" will
do absolutely nothing to prevent the thief from gaining full control
of the machine.
Is this correct, or am I, as is often the case, missing some crucial
piece of information.
Thanks for any help.
Ken Dibble
www.stic-cil.org
_______________________________________________
Post Messages to: [email protected]
Subscription Maintenance: http://mail.leafe.com/mailman/listinfo/profox
OT-free version of this list: http://mail.leafe.com/mailman/listinfo/profoxtech
Searchable Archive: http://leafe.com/archives/search/profox
This message: http://leafe.com/archives/byMID/profox/
** All postings, unless explicitly stated otherwise, are the opinions of the
author, and do not constitute legal or medical advice. This statement is added
to the messages for those lawyers who are too stupid to see the obvious.
