Users Guide
● The recovery extension now loads only when the Recovery utility runs a Mount or Accept new configuration operation on a
volume encrypted with Dell full disk encryption. The recovery extension is no longer loaded for a FileVault encrypted volume.
[DDPMS-150]
● The Enterprise Edition for Mac installer now supports the use of port 80 with Dell Policy Proxy. [DDPMS-212]
● When an external drive that is provisioned with EMS is used on a computer that does not have EMS installed, the Access
EMS Get Info window now correctly displays the EMS build number. [DDPMS-228]
● EMS Explorer now allows multiple file operations to be simultaneously performed on a provisioned drive. [DDPMS-229]
● When booting from an OS X 10.9.2 recovery partition that uses FileVault 2 Recovery, updates to recovery scripts have
corrected the recovery process. [DDPMS-236, DDPMS-249]
● Encrypted files stored on an external drive now open in EMS Explorer without errors, regardless of file size. [DDPMS-239]
● When EMS is enabled and an external drive is connected to the computer immediately after start up, EMS now correctly
prompts the user to provision the drive rather than returning a file system error or changing external media files to read-only.
[DDPMS-245]
Enterprise Edition for Mac New Features and
Functionality v8.1.3.5821
Apple has announced that there is a security flaw in iOS and OS X 10.9.x. In iOS 6, iOS 7, and OS X 10.9, the security flaw could
in some cases allow hackers to intercept communication sent using SSL/TSL security protocols. The flaw was patched by Apple
in the OS X 10.9.2 update, released 02/25/2014, and iOS 6.1.6 and 7.0.6 updates, released 02/21/14.
For the Reuters report that explains the issue, see http://www.reuters.com/article/2014/02/22/us-apple-encryption-
idUSBREA1L10220140222.
This flaw could potentially affect Enterprise Edition and Cloud Edition customers depending on how they have configured their
OS X clients. In particular, activation of DDP iOS and Mac OS X clients running 10.9 over a DMZ (non-VPN) connection to DDP
or CMG Servers could expose the authentication credentials of the activating user. Activations done over VPN and non-domain
activations will not expose authentication credentials during activation. Dell recommends that customers with OS X or iOS
clients take the following precautions:
1. Notify all DDP|EE OS X 10.9 users to immediately apply the 10.9.2 update.
2. Notify all iOS 6.x and 7.x users to update to the 6.1.6 and 7.0.6 versions immediately by selecting "Settings... General...
Software Update" on their iOS device(s).
3. Enforce password change for any users that activated over non-VPN connection with a DDP OS X client between the
release of 10.9 (10/22/13) and the date when the 10.9.2 update is applied to the computer.
4. Enforce password change for any users that authenticated with DDP | Cloud Edition iOS prior to patching their iOS devices,
or Cloud Edition for Mac between the release of 10.9 and the date when the 10.9.2 update is applied to the computer.
5. Ensure that all OS X 10.9 devices have been activated and show as "Protected" in Compliance Reporter. Any OS X clients
missing or not showing as Protected in Compliance Reporter should be considered unmanaged and should be investigated by
IT Administrators to ensure that the endpoint has not been activated and encrypted with keys stored on an impersonated
server.
Enterprise Edition for Mac Resolved Technical
Advisories v8.1.3.5821
● Recovery of Fusion Drive and FileVault volumes is improved. [DDPMS-95, DDPMS-102, DDPMS-130]
● Improvements have been made to installation and upgrade procedures as well as to support of property list file overrides of
allowed OSs. [DDPMS-125, DDPMS-144, DDPMS-151]
● Non-boot disk partitions can now be encrypted with Dell FDE encryption. [DDPMS-137]
● The Shield now maintains stability when a property list file is missing or renamed. [DDPMS-145]
● Installation and functioning on computers running OS X 10.9 or 10.9.1 is now prevented by the Enterprise Edition for Mac
installer. [DDPMS-223, DDPMS-230]
● Enterprise Edition for Mac Shields with computer names containing the apostrophe character now properly activate.
[DDPS-350]
20
Encryption Enterprise for Mac Technical Advisories