Security Considerations

  • The Deployment Agent does not store the administrator password in clear text.

  • The client UI collects the credentials and passes them to the device agent to store in separate values of a registry key under EP root.

  • The password stores as an encryption and the principal name stores in plain text.

  • Administrator accounts have access permissions of FULL CONTROL for the registry key.

  • The SYSTEM account has READONLY access permissions for the registry key.

  • The user and password never pass to the target devices. They establish the Task Scheduler connection.