Hide "View Bitlocker Keys" Option in My Account page

Kedar Tamboli 166 Reputation points
2021-06-21T15:00:49.23+00:00

Hello All,

We are using Intune Encryption on Windows 10 systems. As I understood that enrolled user can see the recovery keys in My Account page (https://myaccount.microsoft.com/device-list).

There can be chances of data loss from legitimate user if user has access to recovery keys. Please correct if my understanding is wrong. How can we address this security point. Can we hide "View Bitlocker Keys" Option from My Account page so that in case of recovery User will always connect with internal Azure AD team for recovery keys?

Also do let us know if audit log captures in Intune portal if User access / read the BitLocker keys.

Please share your views on it.

Thanks and regards,
Kedar

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,358 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Jason Sandys 31,151 Reputation points Microsoft Employee
    2021-06-21T16:32:26.47+00:00

    No, you cannot hide the key today. We are working on this functionality though. Same with additional auditing.

    5 people found this answer helpful.