The objective of the
tamper-resistance offered by the uninstall key is to minimize the chances that
a user will deactivate their agent when encryption policies are in effect
(doing so will prevent them from being able to open encrypted files).
The protection is
provided by the system only when the services are active with the agent running
and executing policies. When active, trying to uninstall the agent will require
the use of the uninstall key. However, if the agent isn’t running (e.g. a failed
install, failed to connect to a tenant, failed user registration, in case of an
error, etc.) the agent may be removed
without a key.
Note: While the
functionality delivers some tamper resistance, the Actifile agent isn’t
registered as a malware tool with Microsoft and therefore isn’t designed to be
tamper proof. For tamper proofing, we believe that the use of a monitoring
system that alerts the admin when an agent is tampered with is best.
Powered by BetterDocs