![]() …and it looks like Sophos can still see malware and viruses, but what it can’t do is remove or quarantine them. Then I repeated the experiment after manually unenrolling, and rebooting for good measure… So - if the eicar test file is downloaded to a user home directory and gets detected as malware - that proves the profile is actually doing something…Ĭurl > test_ to download the test file to a user home directory on a device enrolled in MDM with the Sophos “Full disk access” profile installed.īingo! Detected as Malware. ![]() There’s an anti-malware testfile available from eicar which isn’t actually a virus - but is detected as such by anti-virus applications! I was expecting to see Sophos or some Sophos components “pre-approved” in the Security & Privacy –> Privacy –> Full Disk Access part of system preferences. It was added at the device level… and appears to be installed correctly by SimpleMDM. This made quick work of creating a suitable profile that I could upload into SimpleMDM as a “Custom” profile. Open source tools to the rescue?Įnter Erik Berglund’s ProfileCreator - a GUI application for creating Apple configuration profiles. Our MDM of choice SimpleMDM does allow for adding Privacy Preferences - but the UI didn’t seem to lend itself to adding all of the components required in that Sophos doc. However - it wasn’t perfect… we don’t use Jamf and we don’t use Profile Manager. Sophos support originally produced some frankly horrible instructions… but recently we finally got some documentation that was a little more helpful. ![]() Which is a problem for an anti-virus application that expects to have access to the whole disk - to make sure no nasties end up on your computer… MDM to the rescue?Īpple’s mobile device management (MDM) framework does allow an admin to grant specific applications Full Disk Access to they can continue doing what they need to do. ![]() MacOS Catalina checks with you before allowing an app to access your data in your Documents, Desktop and Downloads folders, iCloud Drive, the folders of third-party cloud storage providers, removable media and external volumes. There are lots of new features in Catalina… with Data Protection being a big deal when it comes to our anti-virus tool, Sophos. ![]() I and others have been working on getting our systems ready for Catalina for the last few months… and we’re just about there thank goodness! Hosted MacOS build agents in Azure DevOps ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |