5 Replies Latest reply on Nov 19, 2010 5:44 AM by Thundercat

    SSO - Please tell me what is wrong with this idea

      A quick question about Single Sign On with McAfee Endpoint Encryption.

      When using SSO, the user is prompted for the password at the usual Safeboot logon screen. When the logon here is accepted, it will proceed to log on to Windows automatically.

      Since we would now be gaining full access to the system with a single logon and password, I have been asked what the difference is between this and using an $Autoboot$ account to bypass the SB logon and simply using the Windows logon as the single point of sign on?

      Presumably, the hard drive would still be encrypted, stopping an intruder using a boot CD to grab data from the drive or use the usual Windows password reset tools.

      The only thing I can think of is that an intruder could load the machine to the Windows screen, plug in a network connection, and then attempt to exploit Windows vulnerabilities that wouldn't be available using SB as the SSO logon prompt.

      I realise this is a bad idea, but I am after some more information on why this is the case so I can explain it to management.

      Please can someone advise or point me to what McAfee say about this?

      Thanks!