As our workshop guests found out, though, privacy preferences and recording protections can be managed in MDM with Catalina – as can the new support for Activation Lock on all Mac models with the T2 Security Chip. For example, as in Mojave, launching the Photos app for the first time creates a user library for future photos to be stored in, but the user must confirm privacy permissions before being able to access that folder.Ĭatalina extends this requirement to more apps, giving the user more of a say on the privacy of their device. In fact, Catalina picks up where Mojave left off by requiring user approval for access to certain application data. Apple operating systems always focus on user experience, and Catalina gives users more choice and control of their privacy settings than ever before. With security covered, it was time for an in-depth look at privacy features.
All software must be signed by Apple to run – although MDM admins can whitelist apps. Gatekeeper continues to ensure that apps installed to the device are checked for malicious code, but the notarisation that was optional in Mojave is now essential in Catalina by default.
System extensions and drivers built with DriverKit run in user space, so – unlike kernel extensions – they can’t compromise the integrity of the operating system.įurther security improvements come in the form of Gatekeeper notarisation. Next, we looked at System Extensions, a replacement for kernel extensions that allows apps to provide additional capabilities like network extensions and endpoint security to a user’s Mac. For IT managers, this means that a new read-only volume will be created when upgrading to Catalina from an earlier macOS, while user data will be kept separate. Guests heard how macOS Catalina features a read-only system volume – effectively an extension of the System Integrity Protection technology introduced in OS X El Capitan – that protects the device by separating system files from all other data to prevent malicious changes or accidental overwrites. Good device security has always been a concern for IT managers, but its importance has been highlighted further in recent months, with reports on how as many as 57% of companies have experienced a cybersecurity breach within the last three years. We began with a bit of background to the new macOS and why security was a top priority in developing Catalina. With Catalina released just over a month earlier, the event gave guests their first look at its new features and MDM functionality. Alongside Dave were representatives from Apple and Jamf, on hand to discuss the finer details of macOS Catalina and mobile device management (MDM) respectively. Dave Hornby, Jigsaw24’s Director of Apple Enterprise Architecture, welcomed our guests at 8 Golden Square.