Due to Apple's Transparency, Consent, and Control (TCC) feature, the Endpoint Agent requires Full Disk Access (FDA) to scan all disk locations for threats. FDA must be granted on endpoints running the following versions of macOS:
- Sequoia 15
- Sonoma 14
- Ventura 13
- Monterey 12
- Big Sur 11
This article details how to remotely grant FDA with a User Approved Mobile Device Management (UAMDM).
Grant FDA using UAMDM
NOTICE - The FDA settings in the macOS Security & Privacy section do not display when FDA is granted using UAMDM
This mobileconfig profile also contains payloads to accept system extensions on the endpoint such as Endpoint Detection and Response and DNS Filtering. For more information on the mobileconfig profile, see MDM configuration file overview for macOS 11 and above - Nebula.
Create a Privacy Preferences Policy Control profile (PPPCP) to grant FDA. Deploy the PPPCP using a UAMDM.
- Download the attached file for your macOS Big Sur 11, Monterey 12, Ventura 13, Sonoma 14, and Sequoia 15 endpoints:
- Malwarebytes_Protection_profile_general.mobileconfig
- Upload the file to your UAMDM.
- Save and deploy your PPPCP by UAMDM as a device profile.
For instructions on manually granting FDA, see Grant Full Disk Access on Mac devices.