A client contacted us and explained that they need to migrate from McAfee Drive Encryption to BitLocker. They've used McAfee ePO on-premise since 2016 but moving forward they plan to manage encryption using InTune and BitLocker.
We were asked to scope up and perform the migration.
The first stage was to remove the automation that installed and activated McAfee Encryption. Once this was done we setup new automation to deactivate it. We monitored to confirm this was working for all internal and external endpoints. Once encryption was deactivated we could safely remove it from each system. This was achieved with more automation in ePO.
The next stage was to configure Hybrid AD Join for domain devices which was done using AD Connect.
The final stage was to onboard devices to In-Tune and setup BitLocker scripts to evaluate each endpoint and then activate encryption if appropriate.
We used pilot groups for testing and the client was very happy with the results.