1.2.4.2.3.13 Set 'Save BitLocker recovery information to AD DS for removable data drives' to 'False'

Information

This policy setting allows you to control how BitLocker-protected removable data drives are recovered in the
absence of the required credentials.

Solution

Make sure 'Save BitLocker recovery information to AD DS for removable data drives' is set to 'False'

See Also

https://workbench.cisecurity.org/files/17

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-28(1), CSCv6|10.3, CSCv6|13.2

Plugin: Windows

Control ID: d6f2bbf9e0a891838aeb945dd3779bb17da0593f12fb1add8a1eca929fe0f6c1