Did you set "Allow temporary automatic booting"?
Yes, it's not secure if you have this mode enabled.
Thanks for your reply!
I did not set up this system myself, so I'm unfortunately not aware if this has been done before I received it. Is there any way I can verify this, e.g. by looking at some registry key values or something like that?
(I currently do not have local admin access to the test computer, which seems to be required for using the commands specified for that task in the product guide that you linked to)
you need to look in the policy within EPO itself, but if you are seeing a quick flash of "Starting EEPC..." as the machine boots, then it's likely whoever set it up enabled this.
If you are evaluating EEPC though, just contact your McAfee reseller and get some professional help. No point struggling on your own.
Just one (hopefully) last question:
Is it possible (given e.g. the reported modules/version in my original post above) that the computer in question is running some other version of McAfee Endpoint Encryption than the "ePO Managed" version, and in that case, would your answers be any different?
I selected this forum (i.e. instead of the "EEM Managed" one) because my "McAfee Endpoint Encryption status" screen in the local McAfee Agent in the computer included the "McAfee Endpoint Encryption ePO Plugin", but perhaps that is not definitive proof that the computer is running the "ePO Managed" version, or is it? Could it be running the "EEM Managed" version instead? How can I check this?
And about the "evaluation", it's really more of a review of a test configuration of an already purchased product, and I don't have the contact details to the entities you mention, since I'm just a lowely techie assigned to investigate this myself, so I feel that I have to get back with some kind of result myself before just referring to some external sales department or support line or similar.
No, you're running EEPC 6.1, quite an old version of the product now but absolutely the EPO connected version. EEPC5 is the stand-alone version.
If there's no pre-boot authentication, but the machine is listed as encrypted, then the key is stored on the drive (a bit like leaving your house keys in the outside of the lock). It's absolutely not "secure" though it is very convenient for users.