When deploying the Malwarebytes Endpoint Agent on macOS Mojave 10.14 or macOS Catalina 10.15, Full Disk Access must be manually granted on the endpoint so Malwarebytes can scan all disk locations for threats. Due to Apple's Transparency, Consent, and Control (TCC) feature, Malwarebytes cannot access sensitive folders for potential threats until Full Disk Access is granted.
Create a Privacy Preferences Policy Control profile (PPPCP) to give Full Disk Access. Deploy the PPPCP using a User Approved Mobile Device Management (UAMDM).
Upload and deploy PPPCP using UAMDM
- Download the attached Malwarebytes_PPPCP.mobileconfig file.
- Upload the file to your UAMDM.
- Save and deploy your PPPCP by UAMDM as a device profile.