When selecting this option, users can choose to skip enabling the encryption option as many times as specified here.ĭo not request enabling FileVault at user logout time The user sees the prompt when logging in to the macOS device. Select to configure a limit to the number of times the user can ignore the prompt to enable FileVault.Ĭlick up or down to select the maximum number of times.
Maximum number of times a user can bypass enabling FileVault When selecting this option, users cannot bypass enabling the encryption option. Select to prompt the user to enable FileVault on the macOS device. Select Higher than or Lower than, then select an existing policy from the drop-down list.įor example, to give Policy A a higher priority than Policy B, you would select “Higher than” and “Policy B”.Įnter an explanation of the purpose of this policy.ĭefer FileVault until the designated user logs out:
This priority determines which policy is applied if more than one policy is available. Specifies the priority of this policy relative to the other custom policies of the same type. Only one active policy can be applied to a device. Select the relevant radio button to indicate whether the policy is Active or Inactive. Use the guidelines in Enabling or disabling encryption on a macOS device to complete this form.Select Add New > iOS and macOS > macOS > FileVault 2.This common key is used to unlock any managed, encrypted macOS device.įileVault 2 policies are supported on devices running macOS 10.10 through the most recently released version as supported by MobileIron. You can use FileVault 2 to generate and install an institutional recovery key to your system before enabling encryption. Institutional recovery key: An institutional recovery key is used for the same purpose as a personal recovery key, but is the same for all macOS devices within an organization.FileVault 2 would then generate a new personal recovery key during re-encryption. If an encrypted macOS is decrypted and then re-encrypted, the existing personal recovery key is invalid. A personal key is unique to the machine being encrypted. Personal recovery key: FileVault 2 automatically generates a personal recovery key at the time of encryption.Users can employ recovery keys to unlock the disk, in case they forget the password for that purpose. The FileVault 2 policy also includes recovery keys. You can apply a single FileValut 2 policy to a device. Core enables you to create FileVault 2 policies that you can use to control the encryption of managed macOS devices. FileVault 2 can be used to perform full XTS-AES 128 encryption on the contents of a volume. You can encrypt macOS devices using FileVault 2. Enabling or disabling encryption on a macOS device
0 kommentar(er)
