Encrypt Your Mac with Robot Cloud
SUMMARY - Enable FileVault
- Open Self Service from your Applications folder (or from SupportMenu in your menubar).
- Select the Security category on the right to locate (or search for) Encrypt Your Mac and click the Encrypt button.
- You will be prompted to Restart your Mac and presented with the following notifications to complete the process.
DETAILS: What To Expect
- Once activated from Self Service, you will receive the following notification:
- After restarting you will be prompted to enable FileVault:
- After selecting Enable Now you will receive the following message:
- Upon clicking OK, you will be logged into the Desktop and can continue working as usual. No further action is required and the encryption will continue to run in the background. You can view the encryption status by opening System Preferences > Security & Privacy > FileVault (as per the screen grab below).
Running macOS 10.13 High Sierra?
Because FileVault behaves differently on Macs running 10.13, and the matter is compounded with APFS volumes, the existing Encrypt Your Mac policy will not work. As such, for now, we have excluded all 10.13 Macs from seeing Encrypt Your Mac as an option.
Currently, we’re caught between the macOS having issues related to FileVault and the quirks with Jamf Pro (both v9 and v10). We saw a similar situation last spring with 10.12. It was not until 10.12.4 came out and Jamf Pro v9.7 that all parties started working with one another. For now, we’re in another support gap and need to work around it.
If you have a 10.13 Mac, you’ll need to manually encrypt it and record the Recovery Key.
From the user's account, manually start the FileVault process in System Preferences > Security > FileVault. Opt to create a Recovery Key. When presented with the Recovery Key, copy the following into a safe location:
- Computer Name
- Serial Number
- Recovery Key
Restart or Log out of the user’s account (and back in) to kickstart the encryption process
We will update these instructions as needed. Hopefully, in the spring we can go back to an automated process.