Rotate Bitlocker Recovery Keys Periodically
The device would be more secure if we have bitlocker key rotation option available at Intune Device configuration policies or by any other methods.
I would like to see functionality similar to MBAM (given that MBAM is being retired and the recommendation now is to use Azure AD).
MBAM would mark the key as used and then rotate the key making them one-time use. This feature needs to be transitioned from MBAM into Azure AD.
Bitlocker recover key rotation option will enhance the security level. Whenever the Admin use the laptop recovery key, it should rotate automatically in Azue side, so the old key won't work in future. So this will be very help when managing remote office location. Please include this option ASAP.