Directory and file control in EPM macOS allows you to define specific permission policies and block access to critical system paths or sensitive files on devices with the EPM agent installed.
With this functionality, it is possible to:
- Prevent users from modifying, reading, or deleting specific files and folders.
- Monitor unauthorized access attempts to protected files.
- Define rules based on the absolute path of directories and files in the operating system.
- Apply policies with granularity per device or per user.
Available Features
Control rules can be configured based on the following parameters:
- Directory or file path.
- Operation type: read, write, delete, execute.
- Action: allow or block the operation.
- Segregation: apply by devices, users, or generally.
- Immediate application via active policies.
Applicability
Directory and file control is indicated for environments that require:
- Protection of system configuration files and binaries.
- Restriction of access to sensitive or confidential documents.
- Implementation of compliance and enhanced security requirements.
- Monitoring of critical activities for audit purposes.