Marley was dead, of that we can be certain. The poor man had died tragically at his desk going over the security auditing logs trying to ascertain if the laptop that had been stolen from their young clerk had been secure or not. To think that the fiendish devil who had procured it could now be drooling over the contents of their money changing shop! Defiling the social security numbers and credit card numbers of clients! Glancing upon confidential documents meant only for the eyes of he and his partners! THE MAN HAD EVEN KEPT A PASSWORD FILE CONTAINING ALL OF THE ADMINISTRATOR PASSWORDS TO THEIR SYSTEMS! The strain of thought had been too much to bear for what was left of his old heart. To that end, Marley was dead as a doornail.
Let it not be said that Scrooge was a foolish man to be sure. He had been a systems expert ever since punch cards had been run through the mainframe in order to do business. That old mainframe had long vanished even before old Marley. Scrooge had lived to see laptop and tablet usage abound. He guarded his systems with a fervor that brought even the most stoic of security experts to tears. His Antivirus scanned his clients every day and updated twice as such. Firewalls were configured to the degree that to open a port required a superhuman feat. Network appliances were even in place standing sentry over every email in or out. His morning had been plagued with his young system admin speaking out of turn, “Sir, the newest version of Microsoft BitLocker Administration and Monitoring (MBAM) should soon be released. I think we should consider it.” He scorned the young one, “To your MBAM, I say Humbug!”
That night a much less hardened Scrooge sat at his desk, reviewing antivirus logs before retiring. A moan over his shoulder turned his gaze on a ghastly specter, bound in chains with all manner of creatures hanging on the links. “Ebenezer! Your stubborn security policies will be your undoing! Behold, my fate as I am wrapped in the chains of endless reports, and on each chain swings a creature of ill intent, hacking my devices and stealing my storage. The device! We never secured the device! You must avoid my fate to roam for all eternity seeking the data which was lost in life. On this night you will be visited by three ghosts to show you the way…..” and with that he was gone.
Many hours passed as the clock tolled away until Scrooge had at last retired to sleep, thinking the whole encounter a waking dream. Suddenly, the alarm on his Windows Phone went off unexpectedly, stirring him from an already uneasy slumber. Grabbing his phone the display read: “Reminder: Ghosts coming to haunt you. Start Time: NOW!” After reading it, the screen on the phone shone as brightly as the noon day sun. As it dropped to the floor a hand shot from the screen, then a figure emerged.
The figure had the height of a child, but a form that was blurred, and as Scrooge examined closer, he could see that the blurring was a myriad of random data making up the figure. “Pray tell, are you the spirit that was foretold to me?” The voice that replied sounded miles away, “I am the ghost of encryption past. Bear but the smallest touch of my hand and I will show you what you must see.” As the spirit placed its hand on him his head filled with emails and memos of long ago and unknown persons, and in a blinding flash, he was no longer in his home.
The scene before him was that of a board room. The spirit’s distant voice echoed inside his head, “Do you recognize this place?” “I do. I was a fledgling system admin here. There was talk of securing our Windows XP PCs. I remember it well,” with that, a young Scrooge was giving a presentation, “So as you can see, by investing this sum of money we will be able to implement any one of these technologies to secure our computers. I know it is a large sum, and implementing it will take the better part of a year. We will also have to send our help desk personnel to a week of training to learn to support it, but if our information was ever stolen, it would then be safe.” The scene faded and the spirit’s voice rang out, “And what was their response?” Scrooge grimaced, “They laughed at me. Said it was far too costly and that our BIOS startup password was enough. Even if something was stolen what could be done with it? The internet was still in its infancy and there really wasn’t much to do. It was too difficult for them to understand, too difficult to teach the technology. I was discouraged and embarrassed. I vowed never to be ridiculed again and I would follow their policies even if it leads to their undoing.” As he turned to face the spirit he saw bits of data dropping from the figure and other ghosts flying from the darkness and grabbing the data, only to flee back into the shadows. As the last bit of the figure’s data was stolen there was another flash of light.
This room was brightly lit and a warm fire filled the hearth in one corner. There were no doors or windows, but the room was decorated with the most festive mood of holiday merriment. A rather large and jovial man sat on a wooden chair near the hearth, wearing a silver robe with printed padlocks displayed all over it. “Welcome, welcome. I am the ghost of encryption present. Come in, come in! Login accepted! You belong here!” And with a wave of the spirit’s hand a chair slid from behind Scrooge and scooped him over to where a computer screen hung in midair. “Tell me spirit. How are you to be my salvation?” There was no breeze yet the spirit’s auburn hair moved about as if a gentle breeze blew, “Tell me lad, what operating system runs this day?” Scrooge looked confused for a moment, “We are nearly finished with our migration to Windows 7 with only a few Windows XP machines behind. “ The spirit’s laughed boomed in the enclosed room shaking every fixture, “Wonderful, Wonderful. Come and see what I have prepared for you.” Scrooge looked at the screen at what appeared to be a Windows 2008 R2 server and saw a setup loading. The spirit smiled at him, “I’ve already loaded SQL 2008 R2 so we needn’t spend our precious time on that. This, my friend is Microsoft BitLocker Administration and Monitoring 1.0. Come and set it up with me…”
The spirit touched the Start link that hung in the air. Scrooge turned to him, “Is this a Surface?” The spirit merely shook his head and continued.
The spirit clicked I accept and Next
A mischievous glint shone in the spirit’s eye as he turned to Scrooge, “Microsoft recommends that you only install everything when you’re testing, but it will still work fine in production for up to 21,000 clients.” He pressed Next.
“I don’t have Certificates on my network yet, but the PKI team from CSS is coming in next week to take care of that; for now we won’t encrypt the network communication,” which he selected and clicked Next.
Scrooge stared in wonderment, “This setup is quite simple, spirit”
“Aye lad” and Next was pressed again.
With a trembling hand Scrooge pressed the ghostly Next button hanging in the air.
“What account is required here, spirit?” The jovial man bellowed laughter, “Only something that the reports can use to access the Compliance and Auditing Reports database. A basic SQL service account would be fine.” Next was pressed.
“Any open port not in use,” the spirit said matter-of-factly. (You guessed it) Next again.
Clickity the Next-ity.
The spirit beamed at Scrooge, “Would you like to do the honors?” Scrooge pressed the ghostly Install button.
The spirit slowly clicked Close then opened regedit and created a new key under HKEY_LOCAL_MACHINE\Software\Microsoft\MBAM and named the dword32 bit key DisableMachineVerification giving it a value of 1. While the spirit rebooted the server Scrooge noticed a change in his demeanor. He was still as Jovial as ever, yet his hair had gone ashen gray during the install, “Are spirits’ lives so short?” The spirit now coughed and sputtered as he laughed, “All our times are short, but doesn’t it matter most how it is spent rather than the quantity of it? By the way, you can install the client with a simple msiexec /i MBAMClient.msi /q and don’t forget to configure the group policies!” He then turned completely gray and maelstrom came from nowhere blowing him to dust and darkening the room in its fury. Scrooge was blown to the floor and could only shield his eyes until all fell silent.
Scrooge opened his eyes to reveal a barren wasteland before him. Turning around he beheld a spectral figure completely robed whose face was hidden in shadow. The phantasm stood before him in silence. This presence was not as inviting as the other two had been and Scrooge stammered as he spoke, “Am I to assume that I am in the presence of the ghost of encryption yet to be?” Silence was the only response. “Tell me spirit, what is to become of the MBAM setup that I went through with your comrade beforehand?” A slender finger made of bone drew from the robe and it pointed in the distance. Scrooge turned to find he was now amongst tombstones. Scrooge trembled as he wiped the dust from the closest one. It read:
Microsoft BitLocker Administration and Monitoring 1.0
2010-2013
“No spirit! Let it not be so! The ease of setup was grand and tool was even free! Tell me if these are the images of what will be or if they are only the images of what may be. Tell me there is yet hope for souls such as mine!” The phantasm turned and pointed in a new direction where there was a point of light. Scrooge ran in desperation to that light and the promise of its warmth. In a vision he saw his young system admin packing things into a box on his desk. His voice sounded muddled with emotion, “If only he had taken my advice before the HR laptop had been stolen. Hundreds of social security numbers were on that laptop including his own. I do hope he finds another position. Now then, back to that beta testing.” “Spirit, why show me these visions if my only hope of salvations lies in expired software? Where is my salvation in this endeavor?” A screen opened in the air next to the apparition and something flickered on:
“The Beta young Bob mentioned! It’s MBAM 2.0! The old one only expired because a new one replaced it!” Images starting flashing on the screen rapidly:
“Why, it’s integrated into the SCCM console with reports!”
“And look! A collection and configuration baselines, amazing! I must know more spirit, please!” Other ghosts came crying from their graves, “Protectors are more flexible…” Another wailed, “Support for Windows 8 and a new self-service portal!” Still more cried, “Automatically resume from a suspended state!” The ghosts twirled and flew around Scrooge until the whole landscape before him spun then all went black.
Scrooge awoke in his own bedchamber surrounded by silence. His phone was on his night-side table its screen dark. Leaping to his feet he ran for the window and threw it open. A small boy was sitting on the curb with a laptop undoubtedly leeching from his wireless network somehow, “You there boy! Tell me what day it is!” The boy looked confused, “Why it’s Christmas of course sir.” Scrooge paced rapidly around the room, “They’ve done it one night! Why of course they have, of course they have…” He picked up his phone and made a call, “Bob, Has there been reports of any stolen laptops? No? Then we aren’t too late,” with this he chuckled madly, “tomorrow we shall implement MBAM, Bob. What? No, it’s very easy and the spirits have already shown me how. No Bob, I know we use SCCM not Ghost. I meant they…oh never mind, never mind, we shall resolve it straight away. Yes, yes, a very Merry Christmas to you too, Bob.”
He was true to his word too. Within a week MBAM was setup and devices were encrypting. Never again was data lost on Scrooges watch and he merrily administered it all with MBAM. Now to you dear readers, from all of us at Certified Security Solutions, have a very Merry Christmas, and may your spirits be light, not your encryption ciphers.
