To help in preventing unauthorized uninstallations or client stops, Prey will not create any quick start icon, show up in any list of installed programs nor appear in the system tray in Windows. However, Prey is not immune to manual uninstallations. In order to prevent them, we suggest the following implementations:
- Only allow administrator access to relevant personnel: An admin password is required to uninstall Prey, or to stop the processes that involve the Prey for Computers client. If the user cannot access the task manager or activity monitor, they will not be able to stop the client.
- In Windows devices, prevent access to the C:\Windows folder: Prey resides in that folder - if the user does not have access to it, they cannot access the Prey log, nor delete the C:\Windows\Prey. This also has the added benefit of preventing the user access to critical device programs.
- Block boot access to USB ports and optical drives: this will prevent any user from booting the device with unauthorized access, along with preventing unwanted OS reinstallations.
- In Windows, lock access to the machine’s BIOS or UEFI behind a password: this will prevent unauthorized access to the device’s BIOS / UEFI settings, which could potentially circumvent any security measures you’re taking to secure access to the device. If you need assistance in doing this, please check out this handy document. (link a documento BIOS lock for Windows devices)
Permissions in MacOS
Due to privacy concerns, Apple requires additional permissions in order for the Prey for Computers client to run properly. These permissions will be requested during the installation process (if you use an MDM, you can set up the policy to grant or protect some of these permissions, but not all of them. Please refer to your MDM documentation or support if available) - if you don’t grant them, certain features may not be available. The list of permissions is:
- Full disk access: this permission is required for the execution of security actions. It will be granted to the following binaries: prey-user and bash.
- Screen recording: required for taking screenshots of the device for the missing report. The binary affected by this permission is Prey.
- Camera: required for taking pictures via webcams in the missing report. The only binary affected by this permission is Prey.
- Location services: required for gathering location data and complementing it with Wi-Fi triangulation. The only binary affected by this permission is Prey. This permission is critical for tracking devices.
Feel free to reach out to our Support team in case you have any questions on the limitations of the Prey for Computers client, or the permissions required for optimal operation.