Hi,
Is there any way to prevent a user from downloading software from the internet as a dmg and then instead of dragging it to the computer application folder (which then prompted for admin level permission) they drag it to a folder in their home folder named applications instead. They are then able to run the software as though it had been installed on the computer, however, they are never prompted to use admin authentication.
I can confirm we have been able to install of sorts of software without admin authentication this way. Since all of our teachers are using MacBooks and we are required by our insurance company to not allow this behaviour I am wondering if there is a way to shut this capability off? I am worried that someone will install software that could represent a security risk. We do have a way for staff to request access to software they would like, however, the software always needs to be approved first for privacy, security and licensing reasons.
We are using JAMF School as our MDM. We are not using Apple Managed Id's, although we have them set up and ready to go.
Hopefully, there is a simple solution I have overlooked!
Thank you!
Clint Elliott, Director of Technology, Lakeland Catholic School Division, Alberta Canada.
June 24, 2024
We are going to restrict gatekeeper to App Store only, and control apps from there. Once apps are installed they can still update even if they are not from the App Store - ie., zoom, Smart Notebook, etc.
So problem sovled.
This action is unavailable while under moderation.
This action is unavailable while under moderation.