Ensuring data privacy in Macs using the Privacy Preferences Policy Control

Brendon Baxter

Jan 7, 2022

6 min read

When you install and run an application for the first time, you are met with a series of pop-ups requesting permission to access resources or data stored on your device. For example, when you install a social media app, the app may request permission to access the device’s camera, microphone and location.

This way, most apps ask for permissions that are required for them to function properly. Some apps may request permissions that are not necessary for their operation in any way. This opens the door for data breaches and vulnerabilities. This is a serious issue that must be addressed, both from a personal and organizational standpoint.

It’s known that organizations using Unified Endpoint Management (UEM) solutions like Hexnode, can remotely manage app deployment on Macs. What about the remote management of app permissions?

This is where Apple’s Privacy Preferences Policy Control or PPPC payload comes in handy.

What is Privacy Preferences Policy Control and why is it important?

PPPC is a privacy feature introduced for Macs running macOS 10.14 or later. This feature allows users to see what data each app has access to on their Mac device.

The main highlight of this feature is that all these settings can be controlled using a UEM via a configuration profile. Permissions for each app in a device can be sent as Configuration profiles. Single or multiple profiles can be sent to restrict an app’s access to data. When contradictory profiles are applicable applied to the same app, the more restrictive profile prevails.

With the introduction of PPPC, IT admins’ job of remote app management and configuration has become much easier. When a certain app is pushed to a Mac device, the permissions can also be sent to the device so that the app will require zero intervention from the end-user for the initial setup.

When end-users configure app permissions, they typically allow all permissions, even if some of them are unnecessary. This practice can be abused and used to obtain personal information.

PPPC is a powerful feature from a security standpoint. IT administrators can control which apps have access to resources on a Mac. This helps organizations ensure that no apps have access to data that isn’t required.

Permissions that are configurable using Privacy Preferences Policy Control

Setting  Description 
Accessibility  Specify whether an app can control the Mac device using the Accessibility APIs. 
Apple Events  Specify whether or not an app can send restricted Apple events to another process. 
Calendar  Specify whether or not an app can access the events information stored by the Calendar app. 
Camera  Can deny an app’s access to Camera services on the device. 
Contacts  Specify whether or not an app can access the contact information stored by the Contacts app. 
Desktop Folder  Specify whether or not an app can access the files in the Desktop folder. 
Documents Folder  Specify whether or not an app can access the files in the Documents folder. 
Downloads Folder  Specify whether or not an app can access the files in the Downloads folder. 
File Provider Presence  Specify whether or not a File provider app to access the knowledge of when a user uses a file managed by File provider. 
Input devices  Specify whether or not an app can access the input devices of the system. 
Media library  Specify whether or not an app can access Apple Music, music and video activity, and the media library. 
Microphone  Can deny an app’s access to use Microphone. 
Network volumes  Specify whether or not an app can access the files in the Network volumes. 
Photos  Specify whether or not an app can access the photos in the Photo Library. 
Post Event  Specify whether or not an app can use CoreGraphics APIs to send CGEvents to the system event stream. 
Reminders  Control an app’s access to data stored on Reminders. 
Removable volumes  Specify whether or not an app can access the files in Removable volumes. 
Screen recording  Can deny an apps’s access to capture the contents of the device display. 
Speech recognition  Specify whether or not an app can use the Speech Recognition of the system. 
System Policy All Files  Specify whether or not an app can access all the protected files in the device (includes access to other apps like Mail, Safari, etc and app data as well). 
System Policy administrator files  Specify whether or not an app can access the System admin files on the device. 

Figuring out the permissions required by an app

With the PPPC payload feature, you can configure a lot of permissions, but not all apps need all these permissions. You can find out what all permissions are necessary for an app by performing a small sample use of the app.

  1. In a test Mac device or even a virtual device install the required app.
  2. Run the app on the device and find out all the permissions requested by the app.
  3. In System Preferences, go to Security and Privacy preference and select the Privacy tab.
  4. If prompted, give the admin credentials and go through each option in the list. If the app is listed in an option, it means that the app requires that function to perform without any hiccups.

After the necessary permissions are figured out for an app, the permissions can be configured properly and easily.

How to configure PPPC

The PPPC settings under the Privacy tab in System Preferences –> Security and Privacy can be configured either manually or remotely using a UEM solution like Hexnode.

Configuring PPPC settings using Hexnode is a very simple process. For this, first, a Policy has to be created, where the configuration for each feature like Camera, microphone, etc. is specified.

Featured resource

Hexnode Mac management

Managing the large fleet of enterprise Mac devices can be tedious without an effective device management solution. Download the datasheet to learn more about Hexnode’s Mac-specific management strategies.

Download datasheet

Once the policy is created, the policy can then be associated with the target device/devices. Using a single policy, the PPPC configuration of either single or multiple apps can be done.

PPPC features that can be setup using Hexnode
Feature Default  Deny  Allow 
All files 
Desktop folder 
Documents folder 
Downloads folder 
Media Library 
 Network volumes 
 Removable volumes 
Screen recording  Let User authorize
Speech recognition 
System admin files 

Privacy Preferences Policy Control or PPPC is useful for enterprises that want to secure end-user data by limiting the personal/confidential info. exposed by apps installed on Macs. PPPC is particularly effective for remote app administration because app permissions can be specified remotely, reducing user intervention during the initial setup.



Brendon Baxter

Product Evangelist@Hexnode. Read. Write. Sleep. Repeat.

Share your thoughts