Hide "View Bitlocker Keys" Option in My Account page

Kedar Tamboli 166 Reputation points

Hello All,

We are using Intune Encryption on Windows 10 systems. As I understood that enrolled user can see the recovery keys in My Account page (https://myaccount.microsoft.com/device-list).

There can be chances of data loss from legitimate user if user has access to recovery keys. Please correct if my understanding is wrong. How can we address this security point. Can we hide "View Bitlocker Keys" Option from My Account page so that in case of recovery User will always connect with internal Azure AD team for recovery keys?

Also do let us know if audit log captures in Intune portal if User access / read the BitLocker keys.

Please share your views on it.

Thanks and regards,

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
13,474 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Jason Sandys 30,906 Reputation points Microsoft Employee

    No, you cannot hide the key today. We are working on this functionality though. Same with additional auditing.

    5 people found this answer helpful.