I setup the new Symantec Endpoint Encryption 11 in my dev environment to run it through some tests and understand how it works.
We are a large organization that receives a large volume of calls about PGP password resets which are currently handled by individuals in the Support Center who have WDRT-recovery "power user" access in PGP.
Unless there is a massive piece of information going unexplained, I am entirely perplexed by the setup of this product.
From what I can understand, in order for techs to use the Help Desk Recovery MMC snap-in in the new SEE 11, they must have the over-arching SEE Management Password, the same password that allows all sorts of administrative permissions that I do not wish to grant to Help Desk operators.
This is so illogical that I have to assume that I am not understanding the feature or I am missing some vital piece of information altogether.
Anyone have any experience or feedback?
Thanks in advance!