cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Audit Log for BitLocker Recovery Keys in Azure AD

Highlighted
Andrew Matthews
Contributor

‎08-08-2018 08:27 AM

‎08-08-2018 08:27 AM

Audit Log for BitLocker Recovery Keys in Azure AD

Escrowing BitLocker recovery keys to Azure AD is great functionality but I have been asked to find an audit trail when a user or administrator accesses the recovery keys. The IT Security function at an organization that I am working with is concerned that a malicious insider could misuse the recovery keys to decrypt drives. They want to track when a Recovery Key is viewed in Azure AD.

 

I conducted some experiments with administrator and end user accounts but I did not see any audit log entries in the Azure AD audit log.

 

Are audit log entries created for BitLocker Recovery Key escrow and where would I find the audit logs?

977 Views
1 Like
2 Replies
Reply
2 Replies
Highlighted
ThomasKurthCH

‎04-28-2019 03:45 AM

‎04-28-2019 03:45 AM

Re: Audit Log for BitLocker Recovery Keys in Azure AD

@Andrew Matthews Did you found an answer to this topic?

I have not found any Audit log entry...

0 Likes
Reply
Highlighted
Andrew Matthews

‎04-30-2019 03:28 AM

‎04-30-2019 03:28 AM

Re: Audit Log for BitLocker Recovery Keys in Azure AD

@ThomasKurthCH I have not found an answer yet. 

 

There is a UserVoice item for this feature. Feel free to upvote the UserVoice item.

 

https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/35097220-bitlocker

0 Likes
Reply