Lumension Endpoint Management and Security Suite (LEMSS) 8.1 and 8.2
In LEMSS DC 8.1 and 8.2, the Microsoft CA key provider is set to 'Enabled (Decentralized)' by default.
If you have Microsoft CA key provider set to 'Disabled' in Tools > Options > Device Control, and encrypt permission granted to a user, the end user is presented with a choice for encryption methods:
- Encrypt for portable use (2047 GB limit)
- Encrypt for internal use (no capacity limit)
It is important to note that the "Encrypt for internal use (no capacity limit)" option should not be used as it may result in data loss.
In order to not expose this option, it is recommended that you keep the Microsoft CA key provider set to the default value of 'Enabled (Decentralized)'.