Can A SysAdmin Decrypt Bitlocker To Go?

D

Daddyman

New member
Member
Local time
5:58 PM
Messages
40
At work we have Windows 7 Enterprise, and I would like to use Bitlocker To Go (BTG) to encrypt my USB ('flash') drive. The purpose is to prevent anybody - including system administrators - from viewing the contents of my USB drive.

Can a system administrator decrypt a BTG-protected USB drive without knowing the password? Can a system administrator simply turn off BTG on my USB drive?
 

My Computer

Computer Manufacturer/Model Number
Dell Studio XPS 8100
OS
Windows 7 Professional x64
I discovered that it is possible for a system administrator to decrypt a USB drive encrypted by Bitlocker-To-Go.

When a user encrypts a USB drive with BTG, the user is asked how they would like to generate a recovery key: by printing or storing in a file.

If so enabled in Group Policy, Windows will store a copy of the recovery key in a location accessible to a system administrator.

This isn't so unreasonable when you understand that BTG was created so enterprises can protect their data from falling into unauthorized hands. BTG is provided as a tool that enterprises can either offer or mandate to employers. It makes sense that the enterprise should have way to recover their own data when it is stored on an employee's USB drive.

So for my purposes, Bitlocker-To-Go is unsatisfactory.
 

My Computer

Computer Manufacturer/Model Number
Dell Studio XPS 8100
OS
Windows 7 Professional x64
It would work to your satisfaction if you did it at home on your own computer. But I question the purpose of this. Sounds like you might be up to no good concerning your employer.
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Alienware Aurora ALX R4
OS
Windows 10 Pro (x64)
CPU
Intel Core i7-3930K (3.2GHz - 4.5GHz)
Motherboard
Alienware Aurora-R4 x79
Memory
4x Samsung 4GB PC3-12800 DDR3 (16GB 1600MHz)
Graphics Card(s)
Nvidia Geforce GTX 690
Sound Card
SteelSeries Siberia Elite
Monitor(s) Displays
Dell UltraSharp U3011
Screen Resolution
2560x1600
Hard Drives
Samsung 850 Pro 256 GB, Seagate 1TB Desktop Hybrid HDD, 2x Western Digital 4TB Green HDD
PSU
875W Some Dell PSU <.<
Case
Alienware Aurora ALX
Cooling
Custom Liquid Cooling (EK CPU & GPU blocks) dual EK 480RAD
Keyboard
Logitech G710+ Mechanical
Mouse
Logitech G700s
Internet Speed
Verizon Fios (50 mbps average)
Other Info
Server: Intel NUC D54250WYK: i5-4250U, 16GB, 256 GB mSATA, Windows Server 2012 R2
Surely you didn't become a Gold Member for posts like that.
 

My Computer

Computer Manufacturer/Model Number
Dell Studio XPS 8100
OS
Windows 7 Professional x64
Like what? Telling you that it would work to your satisfaction if you did it from home?
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Alienware Aurora ALX R4
OS
Windows 10 Pro (x64)
CPU
Intel Core i7-3930K (3.2GHz - 4.5GHz)
Motherboard
Alienware Aurora-R4 x79
Memory
4x Samsung 4GB PC3-12800 DDR3 (16GB 1600MHz)
Graphics Card(s)
Nvidia Geforce GTX 690
Sound Card
SteelSeries Siberia Elite
Monitor(s) Displays
Dell UltraSharp U3011
Screen Resolution
2560x1600
Hard Drives
Samsung 850 Pro 256 GB, Seagate 1TB Desktop Hybrid HDD, 2x Western Digital 4TB Green HDD
PSU
875W Some Dell PSU <.<
Case
Alienware Aurora ALX
Cooling
Custom Liquid Cooling (EK CPU & GPU blocks) dual EK 480RAD
Keyboard
Logitech G710+ Mechanical
Mouse
Logitech G700s
Internet Speed
Verizon Fios (50 mbps average)
Other Info
Server: Intel NUC D54250WYK: i5-4250U, 16GB, 256 GB mSATA, Windows Server 2012 R2
Well I'm a Gold member and the answer to your question is very simple. It is inappropriate to do what you want on a company computer without the proper permission from the the owner/operator/administrator/IT department. You can of course do such things on your own computer at home or any other place you choose to use your computer. Daddyman being polite to other members is always appreciated on this Forum.
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Home made Desktop
OS
Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64
CPU
Intel i7-6800K @ 4.3
Motherboard
ASUS X-99 Deluxe II
Memory
Corsair Platinum 16 gig @2400
Graphics Card(s)
EVGA GTX 1070 OC
Monitor(s) Displays
Asus 27" LED LCD/VE278Q
Screen Resolution
1920-1080 or 1280-720 HDMI
Hard Drives
INTEL SSD 730-240 Gb Sata 3.0/
PSU
EVGA Platium 1200W
Case
Phanteks Luxe Tempered Glass 8 fans/ one radiator
Cooling
XSPC/ Water Cooled CPU
Keyboard
Das 4 Professional
Mouse
Logitech M705/MX Anywhere 2-S
Internet Speed
100 mbits
Antivirus
Microsoft Security Essentials/ Malwarebytes Premium 3.0/ SAS
Browser
I.E. 11 default/Firefox/ ISP Time Warner Cable/Spectrum
Other Info
LG BluRay Burner/
Sound system-KLipsch-THX/
Icy Dock ssd Hot Swap bays.
Layback Bear said:
Daddyman being polite to other members is always appreciated on this Forum.
Click to expand...

That concept appears to have been forgotten by logicearth. I didn't come here to be accused by my fellow posters.
 

My Computer

Computer Manufacturer/Model Number
Dell Studio XPS 8100
OS
Windows 7 Professional x64
Being polite does not prevent one from voicing opinions. Or as you put it "accusing" you of some action.
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Alienware Aurora ALX R4
OS
Windows 10 Pro (x64)
CPU
Intel Core i7-3930K (3.2GHz - 4.5GHz)
Motherboard
Alienware Aurora-R4 x79
Memory
4x Samsung 4GB PC3-12800 DDR3 (16GB 1600MHz)
Graphics Card(s)
Nvidia Geforce GTX 690
Sound Card
SteelSeries Siberia Elite
Monitor(s) Displays
Dell UltraSharp U3011
Screen Resolution
2560x1600
Hard Drives
Samsung 850 Pro 256 GB, Seagate 1TB Desktop Hybrid HDD, 2x Western Digital 4TB Green HDD
PSU
875W Some Dell PSU <.<
Case
Alienware Aurora ALX
Cooling
Custom Liquid Cooling (EK CPU & GPU blocks) dual EK 480RAD
Keyboard
Logitech G710+ Mechanical
Mouse
Logitech G700s
Internet Speed
Verizon Fios (50 mbps average)
Other Info
Server: Intel NUC D54250WYK: i5-4250U, 16GB, 256 GB mSATA, Windows Server 2012 R2
<placed in Ignore list>
 

My Computer

Computer Manufacturer/Model Number
Dell Studio XPS 8100
OS
Windows 7 Professional x64
You must log in or register to reply here.

Similar threads

Solved How can I Repairing a W7P64 install on a USB Drive?
Replies
0
Views
854
Mike Lynch
Mike Lynch
Solved I can see disk that I don't have a driver for, but I can't see other
Replies
0
Views
423
Muffin Top
M
Solved Clean disks to avoid the missing driver error upon install ?
2
Replies
35
Views
5K
Muffin Top
M
Help! please I need to download a windows 7 home premium ISO
Replies
3
Views
26K
MisterEd
MisterEd
Solved "WindowsImageBackup": can it be inside a folder? => Yes.
Replies
1
Views
4K
SIW2
SIW2
Back
Top