Alexander Naegele

Dr.Karahan

CYSE 368

5/24/2023

Reflective Journal #2

During the second set of 50 hours at my internship at SimIS Inc. I was given the project of deploying the BitLocker script I made onto every employee computer that works both on and off-site. 

The purpose behind deploying and enabling BitLocker on every computer was to encrypt the computer so if an employee lost their computer, the data would be unreadable. This is vital since many employees travel for work, whether it’s for attending conferences, visiting clientele, or working remotely from their home. The process of installing and enabling BitLocker onto a computer involves putting the script that I made onto a flashdrive, inserting the flash drive into a computer with the employee already logged in to their account. Next, I go into the command prompt terminal and switch to the D: drive which is where my flash drive is located. Then I go to the folder that I have the script in by using the “cd D:/Bitlocker/Bitlockerscript” command. At this point, I run the script as admin. In the script, I programmed it to retrieve and send the recovery key to the domain controller by sending it to the active directory. This essentially stores the recovery password if a computer was tampered with but was found later. After that I verify the status of it by typing the following command in the terminal, “manage-bde -status.” If it was successful it will say 100% encrypted and encryption is turned on, if otherwise, that means there was an error to troubleshoot. Finally, my supervisor and I checked the domain controller from his computer to verify that the recovery keys were sent. 

After each employee computer that I deployed BitLocker on, I documented it on a spreadsheet. I checked for 3 things, if Bitlocker was deployed, if the user has admin privileges, and whether or not the recovery keys were sent successfully. Currently, I have it installed on 18/42 computers, I will continue to knock out more in the upcoming week.