When set to Disable, the prompt at sign-out is disabled and instead, the user is prompted when they sign in. Prevent the prompt to the user that requests they enable FileVault when they sign out. Yes - Defer the prompt to enable FileVault until the user signs out.No limit, always prompt - The user is prompted to enable FileVault, but encryption is never required.1 to 10 - Allow a user to ignore the prompt from 1 to 10 times before requiring encryption on the device.Not configured ( default) - Encryption on the device is required before the next sign-in is allowed.Set the number of times a user can ignore prompts to enable FileVault before FileVault is required for the user to sign in. The user sees this message on their sign in screen when prompted to enter their personal recovery key if a password is forgotten. Specify a short message to the user that explains how they can retrieve their personal recovery key. Escrow location description of personal recovery key.You can select the default of Not configured, or a value of 1 to 12 months. Specify how frequently the personal recovery key for a device will rotate. Configure the following settings for the personal key: Recovery key type Personal key recovery keys are created for devices. When set to Yes, you can configure additional settings for FileVault. FileVault is enabled when the user signs off of the device. Yes - Enable Full Disk Encryption using XTS-AES 128 with FileVault on devices that run macOS 10.13 and later. View the settings you can configure in profiles for Disk Encryption policy in the Endpoint security node of Intune as part of an Endpoint security policy.
0 kommentar(er)
