Are you using McAfee Endpoint Encryption for PC (EEPC) today?
Then you are very familiar with the following screen (For those who are not - this is the default McAfee EEPC preboot authentication screen that occurs at system start-up before the host operating system loads)
Later this year, McAfee EEPC v7 will be released. In connection with McAfee ePO Deep Command and Intel AMT, you will have the ability of remote unlock, reset passwords, and set location based unlock policies.
To put that in context - you can power\patch systems with a real-time secure unlock of the pre-boot environment without using the EEPC bypass feature of old. (For those who are wondering - the bypass feature refers to a policy\setting that MUST be applied when the system is on\operational and policies synchronized. What if the system is already off and you need to perform a power\patch immediately? This is where the remote unlock feature is very much needed... and will soon be available )
If you are not already familiar with McAfee ePO Deep Command, please see http://www.mcafee.com/deepcommand. This product includes a gateway\proxy service to connect to Intel AMT over the internet. Overlay the upcoming McAfee EEPC v7 and yes - you also will have the ability to unlock or password reset encrypted drives both inside and outside your enterprise )
One last item - what if you are using a different Intel AMT capable solution for daily Life-Cycle Management of the systems? If the Intel AMT configuration is compatible with McAfee ePO Deep Command, you have the ability to power-on via that non-McAfee solution and still have the secure remote unlock capabilities of McAfee.