06-04-2022 05:15 AM - edited 06-04-2022 05:18 AM
Hi All,
We are planning to move our device encryption from Sophos to JAMF Device encryption. We have macOS 10.14.6 to 12.4 in our environment. The devices are already encrypted and the recovery key is stored in Sophos. We have configured JAMF Device encryption in JAMF Pro Cloud and the policy. How we can perform this migration seamlessly without having many hiccups and less user interaction where most of our users work remotely. Has anyone performed this, I need some expert opinion about user experience, and seamless deployment before rolling it out.
Posted on 06-07-2022 03:48 AM
You'll probably want to generate a new Recovery Key and escrow it to Jamf Pro. Easiest way I'd do this is create a Policy with Disk Encryption payload configured to issue a New Recovery Key, with the type being Individual. Also create a config profile to your devices with Security & Privacy payload configured for FileVault, and turn on "Escrow Personal Recovery Key". Test it first to some devices and make sure Jamf captures the key, then use it to unlock your systems.