Applies to: Sophos Home Premium and Free (Catalina MacOS 10.15)
What to do
Troubleshooting steps/ Welcome to Sophos Home appears every time I restart my Mac
What's changed with Catalina MacOS
After completing the Sophos Home installation , or upgrading to Catalina 10.15, MacOS users will need to perform additional steps in order to allow Sophos Home to fully protect their systems (especially to run Scans, and automatically remove malware from user folders), as well as to allow notifications to appear. This is due to a new security feature introduced by MacOS 10.15-Catalina , related to Data protections , that requires users to manually grant Full Disk access to applications that need to access/modify user folders.
Note: Despite these changes, even before performing the needed steps, please keep in mind that your Mac is still protected by the real-time protection feature in Sophos Home - however, due to macOS 10.15 Catalina system requirements, these additional permissions need to be granted in order for Sophos Home to perform fast / full scans as well as full cleanup of detected threats.
What to do
There are 2 required actions involved:
First required action: Granting Full Disk Access
Sophos Home needs to be granted access to be able to scan and remove malware from user folders.
Watch this video with the steps to grant Full Disk Access :
Note: When clicking on the padlock to allow changes, ensure you use your MAC credentials.
Second required action - Allowing Notifications
The MacOS operating system will present users with a popup in order to enable notifications for programs. In this case, for Sophos Home, users will see the pop up on the top-right of their screen and may click Allow to proceed:
Step by Step guide - Grant Full Disk Access
1 - Click on "Let's Start" on the popup message
2 - Follow the instructions to open Security & Privacy
3 - In the "Privacy" section, Scroll down to "Full Disk Access", click on the padlock at the bottom left and enter your Mac's username/password to allow changes, then drag and drop the "Drag this" image into the Security & Privacy window.
4 - Once you have dragged the image into the Security & Privacy window, Sophos Home will state it is ready to use. You will also see several Sophos components added to the Full Disk access list: (you may close Security & Privacy at this point)
Note: If the steps are not completed the first time, the pop up will show up on reboot, and also whenever a scan has to take place.
In some cases, the Welcome to Sophos Home message keeps appearing after having followed the Full Disk Access steps. For those situations, MacOS may require users to manually add additional/missing Sophos components to the Full Disk Access list. There are different scenarios in which that can happen, please follow the guidelines below to correct the problem.
Watch this video covering how to add components to the Full Disk Access list, then follow the appropriate scenario below:
Scenario 1 - Missing components
If some of the components do not get added after dragging and dropping, and you are presented with the Welcome to Sophos Home message every time you restart the Mac, please follow these steps to manually add any missing ones:
1) Open Security & Privacy
2) - In the "Privacy" section, Scroll down to "Full Disk Access", click on the padlock at the bottom left and enter your Mac's username/password to allow changes.
3) Once at the "Full Disk Access" section, use the "Add an application" + symbol to manually add each component
4) Look up each component using the top right search bar and click "Open" to add them to the list, one at a time. The four components are:
Sophos Diagnostic Utility
Note: Ensure that after adding each one, they are ticked (check-marked)
Example of all 4 components added, and check-marked (ticked)
Scenario 2 - Additional components may need to be allowed
Some customers will notice that they have all 4 components added, and ticked, however they are still presented with the Welcome to Sophos Home message every time they restart their Mac.
This is related to having additional Sophos components listed in the Full Disk Access section. The solution is to "check-mark" those additional Sophos components if they are un-checked.
Follow the Scenario 1 steps to access "Security & Privacy --> Full Disk Access" , click on the padlock to be able to make changes, and manually "tick" or "check-mark" any Sophos component that is not check-marked.
Example (additional component in this case is SophosScanD and it had to be manually allowed by clicking on the check-mark box next to it):
Scenario 3 - Dragging and dropping the components does not populate them on the Full Disk Access List
Some customers will notice that when performing the steps, the 4 components do not get added to the Full Disk Access list and they receive the Welcome to Sophos Home message every time they restart their Mac. To resolve, please add an extra Sophos component to the list (either Sophos Installer or SophosScanD), by following these steps:
What to do:
1) Follow the Scenario 1 steps to access "Security & Privacy --> Full Disk Access" , click on the padlock to be able to make changes.
2) Once at the "Full Disk Access" section, use the "Add an application" + symbol to manually add SophosScanD and/or Sophos Installer
3) Look up each component using the top right search bar and click "Open" to add them to the list, one at a time. As SophosScanD and/or Sophos Installer get added, you should see the remainder 4 components populating the list (or be able to manually add them). Be sure that all the components are check-marked, as per Scenario 2.
Example with SophosScanD: (scrolling up/down may be needed to ensure all four components, plus SophosScandD/ Sophos Installer are correctly populating the Full Disk Access list , and are ticked with a check-mark )