Since version 10.15, macOS has utilized a granular permissions system to limit applications' access to important system or user files.
Some functionality in Kolide may not work correctly if a privilege called "Full Disk Access" is not granted to the Kolide agent.
Why does Kolide need full disk access?
Kolide needs full disk access to perform the following tasks:
To list other apps that also have disk access that may not need it.
To inspect system files that give us a better understanding of the security of the device.
To look for evidence of plain text credentials in your downloads, documents, and desktop folders.
Finally, to read the file name of our installation package to assist with user-to-device association.
Kolide takes having full disk access to you and your end-user's Mac very seriously and will never transmit the content of your personal files to our server.
If there are questions or concerns about this, please contact us at email@example.com, or speak with your admin.
How to Grant Full Disk Access:
First, click on the Apple icon on the top left corner and select System Preferences.
From here, you will want to go to Security & Privacy.
Once here, click on the Privacy tab, and scroll to Full Disk Access.
In the bottom left corner, click the lock to make changes. This will prompt you for your computer password. Type that in and click Unlock.
Click the '+' button to add a new permitted application:
Now, on your keyboard, press Command+Shift+G.
In the dialog that appears, type in
/usr/local/kolide-k2/bin/launcher and click Go.
This easily finds Kolide's agent (named launcher). Click Open.
Great! Now Kolide is primed and ready. Here is what this will look like:
That's it! You can close this window, and Kolide can now run its security checks. Thank you for your time!