Before You Begin
Before you install Aegis, you must complete the following steps:
-
Make sure you have your Atomus Aegis Microsoft credentials ready (you should have received these from an Atomus team member).
-
Make sure the new machine is running Windows 10 or 11 Pro.
Login to Aegis Microsoft Account
-
Turn on the machine and follow the prompts to initialize windows.
-
Eventually, you will be greeted with a screen that says " How would you like to set up?". Click "Set up for an organization" and enter the Microsoft credentials sent to you by Atomus.
- Note: If you do not see the option to Set up for an organization (or Sign into Work or School account), please refer to these instructions first
- Note: If you do not see the option to Set up for an organization (or Sign into Work or School account), please refer to these instructions first
-
- You will now be asked to setup 2-factor authentication. We recommend downloading the Microsoft Authenticator App on your phone and using that. Once installed, select Use an App from the list of options and follow the steps on the next screen.
- A screen will appear that says " Use Windows Hello with your account", click "OK" to continue, and set up a pin that is at least 8 digits long. This will be the pin you use to log into Aegis.
- You should now be brought to the new Windows Desktop.
Download and Install Aegis
-
If you do not see an icon for the Aegis App already on your new desktop, please download Aegis-Setup.exe from the link you used previously (the link in the pre-onboarding instruction email), and run it to install the application in your new partition.
-
Run Atomus Aegis by clicking the icon on your desktop, then Aegis will begin its installation.
- If asked to provide permissions on the Firewall to the Atomus Aegis application, feel free to say yes to all the networks (Public Network, Private Network, Domain Network) shown to make sure that the Atomus Aegis can work on all networks your device connects to
-
You will be prompted to login to your Microsoft account. Use the Microsoft ID provided by Atomus to log in.
- Allow the installation steps to complete. If any step fails, you can retry the step by clicking the rotating arrow icon next to the installation step. If the problem continues, send a support request with the details of the issue.
Once all steps have finished click " Continue", and when ready restart your computer to complete the final step of the installation process. When you have successfully restarted and logged back into Aegis the process is complete.
Next Steps
After this, you should be able to restart your machine and select Atomus Aegis, now you're ready to work compliantly.
Setting up an extra device for your organization?
No problem! If you are setting up an extra device to have on hand, follow the same steps as above.
FAQs
Should I set up Windows Hello or skip it?
You will eventually have MFA on the device which will override any Windows Hello setup you might have.
Do I have to use Microsoft Authenticator?
It is best to use this MFA option as it will prompt a code on the app and verify Face ID for security and compliance. While text message codes are available, Microsoft plans to get away from this method as it is not as secure.
Is it going to be two factor every time we start up the computer?
Not right now. This two-factor authentication is for Office 365 but eventually after onboarding, we will roll out MFA for devices locally per NIST 800-171 requirement under control 3.5.3. Once this is implemented, it will ask for device MFA after every reboot and start of the computer.
Is the backup encrypted on device level, or is it before the transmission, or is it encrypted when it arrives at your facility?
It is both. The device level encryption has a key that is tied to your account. Then a second layer of encryption occurs at a company level, which happens during the transmission period.