Endpoint Privilege Management (EPM) Disaster Recovery
This article explains the different Endpoint Privilege Management (EPM) integration methods and describes how endpoints are affected if communication with the policy server is disrupted in a worst-case or disaster scenario. It also includes links to related documentation for each integration method
To access the policy folder location for each deployment type, the user must be a local administrator. If agent protection is enabled, please refer to the Agent Protection section to temporarily disable it.
Endpoint Privilege Management Cloud (Pathfinder)
When leveraging the EPM Cloud product, the endpoints rely on communication with the tenant/server. This allows the endpoint to send events and pull down the policy. For more information on EPM Cloud please review the following documentation:
Pathfinder specific:
Cloud site specific:
The EPM Cloud tenant and database are managed and maintained by BeyondTrust. If any issues occur, the BeyondTrust team will need to investigate and resolve them. Please open a case with BeyondTrust Support for any issues that require investigation of the tenant’s database or backend.
Impact on the EPM Endpoint:
Should there be an issue in communication with the server, events will be held on the endpoint to a maximum of 25,000. Please refer to EPM event centralization resilience for more information. The policy will not update if there is a new revision, however, the last good policy that the endpoint received will still be on the machine and be used by EPM until it is able to receive the updated policy.
The policy, along with Azure AD group information, on Windows is kept in C:\ProgramData\Avecto\Privilege Guard under DPC Cache\Machine and AzureADCache respectively.
On a Mac, it's kept in /etc/defendpoint/ labelled as ic3.xml
If there is a need to update the policy urgently while the endpoint is having issues communicating with the EPM Cloud server, this can be accomplished manually. This method requires a backup/working copy of the policy from the EPM Cloud portal to copy to the affected endpoint.
Deployment software such as SCCM or JAMF can be used to deploy the policy if the issue is occurring for multiple endpoints or the entire estate. This would be instead of manually updating the policy endpoint by endpoint.
Continue reading here
Customer Case Study
LA Department of Water & Power :: Los Angeles Department of Water and Power Boosts Productivity with Endpoint Privilege Management
Latest Available Versions:
Endpoint Privilege Management Windows and Mac (Cloud and Pathfinder) 25.7.551 - October, 2025
EPM for Windows and Mac (Cloud only) 25.7.544 - October 2025
EPM for Windows and Mac (Cloud and Pathfinder) 25.7.543 - September 2025
Beekeepers Hot Topics
Microsoft Autopilot Release 2508 - Windows builds broken with EPMfW 24.3.334.0
“..MS released an update for Autopilot (2508) and since then, we are seeing our builds crash. If we remove EPMfW, build completes successfully. Is anyone else seeing this?..”
Click here for the most popular discussions in BeeKeepers
Upcoming and In Case You Missed It Webinars:
Road Maps:
Upcoming Product Road Map EPM, Windows and Mac : Tuesday, November 4th, 2025
2025 July Product Road Map: Endpoint Privilege Management Windows & Mac
User Groups:
Q3 Americas EPM User Group Recording
Announcements
Earn $25 by reviewing BeyondTrust!
Your feedback not only helps us but also assists other businesses in making informed decisions. As a token of appreciation, we are offering $25 for each published review through G2 using the link below. Leave a review on G2 and earn $25!
Who To Contact
Need to reach someone from the team or have questions?
Find your main points of contact below.
Support:
Technical Support – Best Practice
Customer Success Management:
