If your organization’s policies include a requirement for regularly changing encryption keys, you can generate and activate a new key. After doing so, force an agent refresh to immediately distribute the new key to devices. For instructions, see Section 39.0, Generating a New Encryption Key.