Hi everyone,
I would like to ask what would happen should a user need recovery if I were to disable both the admin recovery and self-recovery option in the policy assigned to their system. Is there an alternative recovery method I could do at the ePO side?
Your help will be greatly appreciated.
Thanks,
Dayana
Btw, I've been reading up and saw that we can use DETech to recover systems. So would that mean that it is ok for me to disable both the self-recovery and admin recovery option on the ePO console? I want the recovery process to be more secure, ie: I dont want any imposters to be doing the recovery on the client PC and gain access to the PC.
You can't do admin recovery without epo access, and of course a detech recovery also requires epo access, so there really no point disabling admin recovery..
If you have Intel AMT systems, then it might be worth taking a look at McAfee Deep Command and Drive Encryption : Out Of Band Management
.
It provides the following functionalitiy:
Also please be aware that the a mobile app callled McAfee Endpoint Assistant was also release for IOS and Android wint McAfee Drive Encryption 7.1. This will allow a user to recovery there password without any interaction with the ePO server.
Take a look at the following link https://www.youtube.com/watch?v=k1LhoagIlC8
Hope that helps.
Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA