FileVault full-disk encryption helps prevent unauthorized access to the information on your startup disk. This security measure needs to be part of everyone’s security standard.
We’re working to more aggressively enforce FileVault encryption across all of our clients running macOS. Here’s how you can review, schedule, and notify your team of this change.
- Review Encryption Status in Vision-Bot — We have long used Vision-Bot to report on the status of FileVault encryption. However, we have not made a judgment on this status until now. Starting September 26, 2022, we are conservatively identifying Mac notebooks released since 2018 and running macOS 10.15 or newer for encryption. If these Macs are not encrypted, they will display a Security warning in Vision-Bot. If applicable to your fleet, this warning will display in the left side tab of the All devices view and the Device Report Security column.
- Schedule Activation — If you have unencrypted Macs, we want to hear from you to schedule the start of the encryption process. Here’s how:
- Please email our service desk your preferred activation date for FileVault. (Tuesday through Thursday is best. No changes are allowed on Friday. Monday is okay, but it can be hectic, so why add to the chaos?)
- We will respond with confirmation of your date. Or, due to scheduling conflicts, we may need to push it back one week. Once you have a confirmed date, notify your team using the email template below.
- Notify Your Team — In preparation for encrypting the Macs at your organization, we recommend sharing the following message with your Mac users:
*** EMAIL TEMPLATE START ***
From: Primary Contact
To: Mac Users
Subject: FileVault Encryption – What to Expect
Hi, Team,
We’re working with Ntiva to improve the security of our devices, our data, and our team members! Next DAYOFTHEWEEK, DATE, if your Mac is not already encrypted, you must respond to a prompt (or two). Here’s what to expect.
-
-
- You may see a prompt to repair FileVault permissions. Follow the prompt, then enter your Mac password.
- FileVault Encryption: During your next Mac Restart or Log Out, you will see a prompt to enter your Mac password to enable FileVault (see screenshot below). We recommend you Restart or Log Out on DATE to trigger this.
- After successfully activating FileVault, you’ll notice one difference: Following a restart you will be prompted to unlock your Mac before, rather than after, the boot process. If encryption is not successful, we will contact you with recommended next steps.
- You may see a prompt to repair FileVault permissions. Follow the prompt, then enter your Mac password.
-
FileVault encryption has been thoroughly tested and approved and does not affect the performance of your Mac. Of course, if you discover any issues or have questions, please reach out to Ntiva’s Service Desk for assistance, EMAILSUPPORTADDRESS.
Thanks,
*** EMAIL TEMPLATE END ***
See also
FileVault Permissions Repair Notifications
Manually Enable FileVault on Your Mac
Comments
0 comments
Please sign in to leave a comment.