FileVault
Use the FileVault profile configuration to turn on FileVault disk encryption on devices and to select recovery key options when:
Note: Requires macOS 10.9 or later.
Enforce FileVault | Select this option to prevent device users from turning off FileVault disk encryption on devices once enabled from SOTI MobiControl. |
Recovery Key Type | Use one of the following options to enable FileVault disk encryption on devices.
|
Institutional Recovery Key Certificate | If the recovery key type uses an institutional recovery key, select the institutional recovery key certificate from this list. |
Show Personal Recovery Key | If this option is selected, the personal recovery key will not be displayed to the user even after FileVault is enabled. |
Store Personal Recovery Key in SOTI MobiControl | Select this option to enable the device user to store the personal recovery key on the SOTI MobiControl server in an encrypted format. |
Encryption Certificate | Use this option to manage the PRK Encryption Certificate, see Encrypting Personal Recovery Key and PRK Encryption Certificate. |
Require to Unlock FileVault After Hibernation | If this option is selected, the password will be required to unlock the disk after hibernation and to restore the disk to the last saved state. |