File Check
Automatically adjust Trust Levels and enforce security policies based on whether specific files are on a device
- Updated on Nov 27, 2024
- File Check Overview
- File Overview
- How to add File Check as a Trust Factor
- How to add a file to the File Check Factor
- How to edit or delete a file from the File Check Factor
File Check Overview
Security policies often require that devices contain specific files. Admins can establish a list of files required on devices in their organization. They can also add a SHA-256 hash of the file, to verify its integrity (i.e., that the file has not been modified). The File Check Trust Factor supports macOS, Windows, and Linux operating systems.
File Overview
Adding a file to the File Check Factor means entering where the file is located (i.e., the file path). The path of the file can be the user path or the absolute path. Finally, each file must have at least one OS selected.
How to add File Check as a Trust Factor
-
In the Command Center, navigate from Trust > Profiles.
-
Either select an existing Trust Profile or create a new one.
-
Under the Trust Factors tab, select + Add Trust Factors if creating a new Trust Profile; select Edit and then +Add Trust Factors if adding new Trust Factors to an existing Trust Profile. Select File Check.
-
Set the Trust Effect.
For steps on how to add a file to the File Check Factor, proceed to the next section.
How to add a file to the File Check Factor
Note: If you have a macOS or Ubuntu device and you want to add a user directory file (e.g., $Home/<Documents/Downloads,etc…>/somefile.txt), you will need to enable permissions for the CSE app to access this file. Under System Settings, navigate to Privacy & Security > Files and Folders > Banyan, and toggle on access permissions for the Documents Folder.
1. Select + Add File Check Factor, and select + Create a File.
2. Enter a File Check Factor Name. Note that the Factor Name will be displayed to end users if the Trust Factor is not satisfied by their devices.
3. Select all applicable Operating Systems.
4. Enter a File Path. The file path can be set relative to the root or home directory.
5. Optionally, set a SHA-256 Hash. This can be used to verify the integrity of your file, and only devices whose hashes match the one entered here will satisfy the File Check Trust Factor.
6. Select Save.
How to edit or delete a file from the File Check Factor
-
Navigate to an existing Trust Profile to the Trust Factors tab.
-
To delete a selected file, locate the File Check factor, hover over the selected file name, and select the x.
-
To edit a selected file, locate the File Check factor, hover over the selected file name, and select the name. This will allow you to modify the file name, applicable Operating Systems, and/or the file path. It will also allow you to add or remove a SHA-256 Hash.