Applies to: Sophos Home Premium and Free (Catalina MacOS 10.15)
What's changed with Catalina MacOS
After completing the Sophos Home installation , or upgrading to Catalina 10.15, MacOS users will need to perform additional steps in order to allow Sophos Home to fully protect their systems (especially to run Scans, and automatically remove malware from user folders), as well as to allow notifications to appear. This is due to a new security feature introduced by MacOS 10.15-Catalina , related to Data protections , that requires users to manually grant Full Disk access to applications that need to access/modify user folders.
Note: Despite these changes, even before performing the needed steps, please keep in mind that your Mac is still protected by the real-time protection feature in Sophos Home - however, due to macOS 10.15 Catalina system requirements, these additional permissions need to be granted in order for Sophos Home to perform fast / full scans as well as full cleanup of detected threats.
What to do
There are 2 required actions involved:
First required action: Granting Full Disk Access, so that Sophos Home can scan and remove malware from user folders, as covered in the video.
Second required action: MacOS will present users with a popup to allow notifications from Sophos Home. Customer will have to allow that in order to receive Sophos Home notifications. See below for details.
Watch a short video with the steps to grant Full Disk Access:
Note: When clicking on the padlock to allow changes, ensure you use your MAC credentials.
Aside from granting Full Disk Access, users will be presented with the option of receiving Sophos Home notifications, alerts, etc (such as "Scan complete" when a scan finishes). To do so, click on Allow notifications when prompted via the popup:
Grant Full Disk Access - Step by step guide (if you cannot/rather not watch the video):
1 - Click on "Let's Start" on the popup window
2 - Follow the instructions to open Security & Privacy
3 - In the "Privacy" section, Scroll down to "Full Disk Access", click on the padlock at the bottom left and enter your Mac's username/password to allow changes, then drag and drop the "Drag this" image into the Security & Privacy window.
4 - Once you have dragged the image into the Security & Privacy window, Sophos Home will state it is ready to use. You will also see several Sophos components added to the Full Disk access list: (you may close Security & Privacy at this point)
Note: If the steps are not completed the first time, the pop up will show up on reboot, and also whenever a scan has to take place.
Allowing Notifications :
The Mac operating system will present users with a popup in order to enable notifications for programs. In this case, for Sophos Home, users will see the pop up on the top-right of their screen and may click Allow to proceed:
Scenario 1 - Missing components
If some of the components do not get added after dragging and dropping, please follow these steps to manually add any missing ones:
1) Open Security & Privacy
2) - In the "Privacy" section, Scroll down to "Full Disk Access", click on the padlock at the bottom left and enter your Mac's username/password to allow changes.
3) Once at the "Full Disk Access" section, use the "Add an application" + symbol to manually add each component
4) Look up each component using the top right search bar and click "Open" to add them to the list, one at a time. The four components are:
Sophos Diagnostic Utility
Note: Ensure that after adding each one, they are ticked (check-marked)
Example of all 4 components added, and check-marked (ticked)
Scenario 2 - Additional components may need to be allowed
Some customers will notice that they have all 4 components added, and ticked, however they are still presented with the Sophos Home window to allow the components.
This could be related to having additional Sophos components in the Full Disk Access list. If this is the case, simply "check-mark" any additional Sophos components in order to proceed.
What to do:
Follow the Scenario 1 steps to access "Security & Privacy --> Full Disk Access" , click on the padlock to be able to make changes, and manually "tick" or "check-mark" any Sophos component that is not check-marked.
Example (additional component in this case is SophosScanD and it had to be manually allowed by clicking on the check-mark box next to it):
Scenario 3 - Dragging and dropping the components does not populate them on the Full Disk Access List
Some customers will notice that when performing the steps, the 4 components do not get added to the Full Disk Access list. To resolve that, please add a different component (either Sophos Installer or SophosScanD), by following these steps:
What to do:
1) Follow the Scenario 1 steps to access "Security & Privacy --> Full Disk Access" , click on the padlock to be able to make changes.
2) Once at the "Full Disk Access" section, use the "Add an application" + symbol to manually add SophosScanD and/or Sophos Installer
3) Look up each component using the top right search bar and click "Open" to add them to the list, one at a time. As SophosScanD and/or Sophos Installer get added, you should see the remainder 4 components populating the list (or be able to manually add them). Be sure that all the components are check-marked, as per Scenario 2.
Example with SophosScanD: (scrolling up/down may be needed to ensure all four components, plus SophosScandD/ Sophos Installer are correctly populating the Full Disk Access list , and are ticked with a check-mark )