1.2.4.2.1.13 Set 'Save BitLocker recovery information to AD DS for fixed data drives' to 'False'

Information

This policy setting allows you to control how BitLocker-protected fixed data drives are recovered in the
absence of the required credentials.

Solution

Make sure Set 'Save BitLocker recovery information to AD DS for fixed data drives' is set to 'False'

See Also

https://workbench.cisecurity.org/files/17

Item Details

Category: CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|CP-10(6), 800-53|SC-28(1), CSCv6|10.3, CSCv6|13.2

Plugin: Windows

Control ID: b0a19ec6bd4b89593cf2d0e4f06e30fd9d5569f957f18fffe387ddcd2b1d5830