In this video Yash from Sophos Support shows you how to troubleshoot the known permission issue caused by Apple's new per application permissions policies.-. Catalina 10.15 introduced changes to permissions that block the installation of the CAA for macOS. The.der file cannot be dragged and dropped anymore into the Shared folder. This article describes the steps to resolve this issue. Applies to the following Sophos products and versions.
Version 1.5.3
New features
This version introduces support for macOS 11 Big Sur.
Version 1.5.2
New features
Added support for Secure Enclave (iMac 2019 and MacBook Air 2019).
Discontinued support for macOS 10.12.x.
Unsupported file system warning messages (for example a Linux partition) are now reported only once in Sophos Central.
We no longer list unsupported file systems when running the command-line tool 'seadmin'.
Resolved issues
| Issue ID | Description | 
|---|---|
| MACDP-854 | Resolved an issue in which the macOS message 'Enter a password to unlock' doesn't disappear after the same user password is confirmed. | 
| MACDP-847 | Resolved an issue in which encryption doesn't start when internet connectivity is disabled. | 
| MACDP-845 | Resolved an issue in which encryption doesn't start automatically until you have signed in again or restarted. | 
Version 1.5.1
New features
This version introduces support for macOS Catalina 10.15.

Version 1.5
New features
You can now rotate the recovery key without needing a password. This applies to macOS 10.14.
Added support for the newly introduced 'Dark Mode' on macOS Mojave 10.14.
Added support for Secure Enclave (iMac Pro and new MacBooks).
Added support to encrypt the boot volume only, which is a new policy setting in Sophos Central.
Added a check and a warning if the current user doesn't have a mobile account, which is needed to enable FileVault 2.
Added SDU support to the command-line tool seadmin (SDU information now contains seadmin result).
Resolved issues
| Issue ID | Description | 
|---|---|
| MACDP-573 | Resolved an issue with Sophos Central Encryption failing to send the recovery key to Sophos Central. | 
| MACDP-462 | Resolved an issue in which the recovery key was missing after upgrading to macOS High Sierra. | 
| MACDP-726 | Resolved an issue with SophosEncryptionD not handling the unexpected output of diskutil information. | 
1. Purpose of the article
This article will guide you to configure Device Encryption for Mac devices, this is a pretty cool feature and importantly it will help encrypt 1 or more hard drives to protect your data when it is stolen.
2. Configuration situations
Sophos For Mac Catalina
Thegioifirewall will prepare a machine running HDH MacOS Catalina 10.15.5 with Sophos Endpoint installed.
Then we will configure Device Encryption for this mac device.
3. Hướng dẫn cấu hình
To configure it we need to login to Sophos Central’s admin page with the admin account.
Next, go to Encryption> Policies> Click Add Policy.
The Add Policy panel appears, where you can choose encryption by device or by user that user is logged in on that computer.
Here I will encrypt according to the device with the following information:
- Feature : Device Encryption
- Type : Select Device (policies are assigned to device regardness off logged on user)
- Press Continue.
The Create New Computer Policy table will appear, we need to fill in the following information:
Sophos For Mac Catalina Full
Policy Name: Encrypt_MacOS
Tab COMPUTERS:
- We will select the computer that the Mac is using, here we will select the MacOS15’s Mac computer from the Available Computers panel and click the right arrow to switch this computer to the Assigned Computers panel.
Tab SETTINGS:
- We will press turn on the switch at Device Encryption is on.
- Next we have the option to Encrypt boot volume only, we only enable this option when we only want to encrypt the windows boot drive.
- Next we need to select Required startup authentication, which will restart the computer after you set the encryption password.
- Require new authentication password / PIN from users you will use this option when you want the encryption layer’s password / PIN to be changed frequently, after you enable this option you can customize how many months will change 1 time.
- The option Encrypt used space only is used only when you only need to encrypt the data drives.
- In this article, because the mac has only 1 drive to install OS, I just need to select Require startup authentication with this option, it will encrypt all the drives currently on the computer.
- Click Save.
After successfully configuring the policy back to the mac we will see a message stating that your machine is set to be encrypted and you are asked to enter a password.
After entering the password and pressing Encrypt, your mac will ask you to enable FileVault, click OK.
You then need to reboot and the login screen will show up as follows.
Sophos For Mac Catalina Version
At this point the encryption process has begun.
Sophos Free For Mac
Just log in with your local account using your normal computer.
To check how long the encryption process is taking place and which drive is encrypting you go to System Preferences> Security & Privacy> FileVault.
As you can see in the figure, the encryption took 23% and the encrypted drive was the OS drive.
The encryption process is happening implicitly, so feel free to use your computer. Once it’s done, it will say Encryption finished.
After booting the machine again, the encoder code is complete.

Comments are closed.