{"id":723,"date":"2026-02-25T17:09:34","date_gmt":"2026-02-25T23:09:34","guid":{"rendered":"https:\/\/cmitsolutions.com\/chicago-il-1221\/?p=723"},"modified":"2026-02-25T17:09:34","modified_gmt":"2026-02-25T23:09:34","slug":"encryption-is-great-as-long-as-you-dont-lose-your-keys","status":"publish","type":"post","link":"https:\/\/cmitsolutions.com\/chicago-il-1221\/blog\/encryption-is-great-as-long-as-you-dont-lose-your-keys\/","title":{"rendered":"Encryption is great… as long as you don’t lose your keys…"},"content":{"rendered":"

\"AI\u2019m writing, today, from a customer site in Barrington. I was called in because a laptop used to drive a conference room display was experiencing some peculiar behaviors.\u00a0 Perhaps you\u2019ve seen such behaviors?\u00a0 I hope not. These were malicious.<\/span><\/p>\n

This laptop displayed a screen for the input of a credit card.\u00a0 It sure did look official!\u00a0 There were logos and branding and colors.\u00a0 It looked like it was on the up-and-up, and that my credit card information would be well protected, once I put it in.\u00a0 But there were some tell-tale signs that all was not well.<\/span><\/p>\n

The first tell was that you could not change the focus of the system away from this screen.\u00a0 Someone, earlier, had tried to bring up Task Manager and had gotten it to load, but you couldn\u2019t make it the focus\u2013you couldn\u2019t, in essence, \u201creach\u201d it, in order to make use of it.<\/span><\/p>\n

This is a common indicator of a malware infection.\u00a0 Bad Actors don\u2019t want you to be able to use Task Manager to stop their malicious code, so they prevent you from accessing it.<\/span><\/p>\n

I tried to start a command-line through the Start Menu, and I was able to launch it, but again, was not able to change the screen focus to the command line I had just started.<\/span><\/p>\n

No worries!\u00a0 We\u2019ll just restart in safe mode with networking, and we\u2019ll pull some anti-virus software down from the Internet and get this system cleaned.\u00a0 You may have used this approach yourself, or know people who have.\u00a0 It\u2019s in the ordinary playbook for such things, but it doesn\u2019t always work.<\/span><\/p>\n

In this case, restarting in Safe Mode with Networking didn\u2019t actually include the Networking part.\u00a0 For this system (at this particular point) Safe Mode with Networking couldn\u2019t \u201csee\u201d the WiFi controller, so it was no different than Safe Mode.<\/span><\/p>\n

Trouble was, when the system was attached to the network, the malware already on the system would fire and make the system unusable\u2013pretty quickly after boot.\u00a0 Well, this was just a conference room laptop\u2013there was nothing important on it, so we can just reset it, right?<\/span><\/p>\n

Well\u2026 this customer had done what they were supposed to do at installation time:\u00a0 they had turned on local encryption with <\/span>BitLocker<\/span><\/a>.\u00a0 That\u2019s good, right?\u00a0 Yes\u2026 but it\u2019s an impediment if you don\u2019t have the implementation-unique code generated at the time the encryption is established.<\/span><\/p>\n

When something is as much a hazard as it is a help, we call it a double-edged sword. Few people actually use swords anymore, but if you think about it, it makes sense.\u00a0 A cutting edge that faces you as well as your enemy can cut you as easily as it could cut them.<\/span><\/p>\n

Encryption keys are a lot like that. <\/span>NIST<\/span><\/a> standards call for all data to be encrypted at rest.\u00a0 Specifically, <\/span>NIST Control SC-28<\/span><\/a> \u2014 Protection of Information at Rest calls for this. It\u2019s good and sensible because if you encrypt your data with an encryption key it will be harder or impossible for a Bad Actor to get at, but if you lose that key, you may have a hard time getting it back again, if things go awry.<\/span><\/p>\n

This is why CMIT offers a key management service to our customers. <\/span>Part of a wide range of data protection services<\/span><\/a>, we offer an alternative to slips of paper floating around with those precious keys on them, or relying on the picture someone took of the screen at installation time. CMIT\u2019s services can maintain those encryption keys in a real-time database of encryption keys\u2013making them available at any time in the future, no matter who comes and goes from the organization, or what happens to that folder of stuff you got when the computer was new.<\/span><\/p>\n

In today\u2019s case, there WAS a folder of stuff about the computer, from when it was new. There was a license key, for instance, for the operating system. There were even references to a laptop which seemed to pre-date the one currently in use, but there were no notes about the BitLocker encryption key or whose Microsoft account was used at installation time (which may then have a copy of that key).<\/span><\/p>\n

This meant that we could not use some of the \u201ceasy\u201d methods to reset the operating system to a prior, virus-free state.\u00a0 The choice was made to wipe the system completely and start from scratch.\u00a0 While this does work, it is time-consuming, and shouldn\u2019t be necessary.\u00a0 In fact, it\u2019s not necessary for customers who elect to have us manage their encryption keys for them.<\/span><\/p>\n

So your call to action is to ensure you have a strategy for key management, and that you\u2019re realistic about your organization\u2019s ability to keep that strategy.\u00a0 If you would like help, don\u2019t hesitate to reach out<\/a>.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

I\u2019m writing, today, from a customer site in Barrington. I was called…<\/p>\n","protected":false},"author":1045,"featured_media":724,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[17,16],"class_list":["post-723","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-local-it","tag-encryption","tag-malware"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cmitsolutions.com\/chicago-il-1221\/wp-json\/wp\/v2\/posts\/723","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cmitsolutions.com\/chicago-il-1221\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cmitsolutions.com\/chicago-il-1221\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cmitsolutions.com\/chicago-il-1221\/wp-json\/wp\/v2\/users\/1045"}],"replies":[{"embeddable":true,"href":"https:\/\/cmitsolutions.com\/chicago-il-1221\/wp-json\/wp\/v2\/comments?post=723"}],"version-history":[{"count":0,"href":"https:\/\/cmitsolutions.com\/chicago-il-1221\/wp-json\/wp\/v2\/posts\/723\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cmitsolutions.com\/chicago-il-1221\/wp-json\/wp\/v2\/media\/724"}],"wp:attachment":[{"href":"https:\/\/cmitsolutions.com\/chicago-il-1221\/wp-json\/wp\/v2\/media?parent=723"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cmitsolutions.com\/chicago-il-1221\/wp-json\/wp\/v2\/categories?post=723"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cmitsolutions.com\/chicago-il-1221\/wp-json\/wp\/v2\/tags?post=723"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}