•The private key must be stored on the administrator’s computer and only the administrator must be able to access it. Also, the private key may be installed on DeviceLock Enterprise Server and DeviceLock Content Security Server.

•The public key is installed on every computer where DeviceLock Service is running. If the public key has not been installed on the user’s computer, there is no way to use Temporary White List function or DeviceLock Certificate-based authentication for DeviceLock Enterprise Server and DeviceLock Discovery.