Is there a way jamf can force FileVault encryption automatically to connected usb devices? This of course is for security ensuring company confidentiality.
Thanks
Question
FileVault
+1
+5We had the same question a few months back. Jamf currently doesn’t have the built-in option to force external volumes to be encrypted.
I started looking into how to enforce this with a launchd item and a script, but had to focus on another area before I was able to write something. You could use the launchd item that’ll watch /Volumes for any changes, which will then in turn run a script that’ll do the checking but I’m not sure if that would be the best way. Once I get back to the project and come up with something I’ll post it here.
There are also third party solutions that do that but I haven’t used any of them so I can’t say how well they work. McAfee has a feature to monitor external devices and enforce encryption.
Here’s a feature request that mentions the same thing you’re trying to do and has other third party options.
https://www.jamf.com/jamf-nation/feature-requests/2878/encryption-for-removable-media
+18If you're happy with the built-in encryption on macOS, a script with a launchdaemon would be able to do it. That being said, it would be pretty risky so would need a lot of error checking and testing.
Alternatively, a third party solution likes the ones mentioned above would work. Most of the anti-virus vendors are offering that type of feature now, along with specialist data loss prevention companies like EndpointProtector.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.