Security Considerations

  • The Deployment Agent does not store the administrator password in clear text.
  • The client UI collects the credentials and passes them to the device agent to store in separate values of a registry key under EP root.
  • The password stores as an encryption and the principal name stores in plain text.
  • Administrator accounts have access permissions of FULL CONTROL for the registry key.
  • The SYSTEM account has READONLY access permissions for the registry key.
  • The user and password never pass to the target devices. They establish the Task Scheduler connection.