Data Protection

Suggest, discuss, and vote on new ideas for Sophos Data Protection products. Protecting your data, wherever it goes.

Data Protection

Suggest, discuss, and vote on new ideas for Sophos Data Protection products. Protecting your data, wherever it goes.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Enable User Switching?

    Didn't catch this lack of support of a basic Windows feature until launching our wide rollout to the hospital PCs. Disabling U.S. might be fine in enterprise large office environments where a cube-dweller uses their dedicated PC for an 8 hour shift. But your product strangles a feature that's ingrained in smaller medical / industrial / retail PC usage. Without U.S. ability, using SafeGuard means a nurse has to close their apps (usually an EMR, Radiology, Lab reports web-view, security system monitor, etc.) and log out completely every time she has to leave the station to bring a new mother…

    39 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  2. Reflexion - Notify domain owner when email address placed on BadMail list

    Recently, one of my outgoing email addresses was placed on your Badmail list. I didn't know for two days so I had two days of email that was supposed to go to my customers that failed and won't be retried. Being notified that it was placed on the Badmail list would be much appreciated!

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow delegation of exporting Bitlocker recovery keys

    Exporting Bitlocker recovery keys is currently being restricted to Master Security Officers only. This is insufficient for daily business in large organizations. MSO role should be restricted to very small group of people. If this small group of people is unavailable, then nobody is able to recover a Bitlocker client. For this reason the feature of exporting Bitlocker recovery keys should be delegable to "normal" Security Officers.

    Alternately there should be an option to export recovery keys by a script.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  4. Azure database support

    Please support Azure-hosted MS-SQL databases in Safeguard. It is one of the only products in our shop that still requires us to spin up a full MS-SQL server in order to host it.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  5. Official support for VMWare Horizon (former VMWare VDI)

    Customer switch its desktop environment to VDI environment. They need official support for this VDI platform.

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  6. SGLC Client support XenApp 7.15

    SGLC Client should support XenApp 7.15 terminal services on Windows Server 2016

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  7. Enable Destination Exclusions in Data Loss Prevention Policy Control Panel

    I want to be able to use the Data loss prevention feature in Sophos Cloud Enpoint Protection.

    Problem is, we are unable to use it as when enabled, it also blocks us uploading files to our internal intranet sites via IE. I can see no way of setting destination exclusions for the data loss prevention feature. Which basically truns a potentially amazing feature into an unusable technical tease.

    My suggestion is to add destination exclusions to the Data Loss Prenetion Policy. It should allow file transfer exclusions for internal addresses and allow manual destination exclusions. i.e. Blocks transfers via WeTransfer…

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  8. Data discovery

    The EU General Data Protection Regulation (GDPR) is the most important change in
    data privacy regulation. We need to answer the question "where is PII data" to protect. It would be great if we could identify where PII data is by using Sophos.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →

    What’s being requested here sounds like a data at rest feature, this is a lot different from what we have today, we don’t currently have any plan to add this type of feature in our products. We are looking at GDPR and the current DLP feature to see what we would need to do to be able to support the GDPR requirements from a data in motion aspect.

  9. Remove SGN Credential Provider dependency

    Remove the dependency of the SGN Credential Providers and use the Windows standard Providers for Authenticating Users with and without smartcards.
    So the Software is more standard compliant and many problems are solved.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  10. Include support for preselecting a domain at the Credential Provider

    Requested by Customer:
    When an environment is made up of two domains with a federation trust, there is no way to preselect a domain, or force an alias, at the SafeGuard Credential Provider, but at the Windows provider, this can be controlled by a GPO.
    Ex. There is a trust between domain 1 and domain 2, machines in both domains are presented with their logon domain as "domain" at the provider and have SSO to both domain 1& 2 for applications etc. The names domain 1 & 2 are hidden from the end-user.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  11. Allow administrators to configure alert settings

    Really need to have the ability to manage alerting from the Sophos Central console.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  12. Add SGN 8 policy to automatically Decrypt outbound Outlook file attachments

    SGN 8 Synchronized Encryption requires an add-in to manually specify that outbound attachments should be decrypted, or encrypted with a password, or sent as is, but this is not necessary or desirable if there is already an email encryption system in place. I don't want to have to force my users to decision each attachment with SGN when I already have a better email encryption solution in place. There should be auto-decrypt zones such as "outbound outlook attachments".

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  13. Need to add IDENTITY FINDER to your list of applicaitons to cotrol

    Your application control feature is currently seeing Identity Finders "SHREDDING" function as ransomware and throwing false alarms. We have no way to stop the false alarms as identity finder is not listed in the list of applications to control or not control

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  14. Data Control option to scan only when uploading not while downloading

    Data Control scans files both when downloading and uploading files to the web which is crazy...

    Well it's fair enough to have the option.

    Data Control can take ages to scan files...

    I think there should be a setting within the policies to only scan in one direction up, down of both.

    We use it as data loss prevention software to log sensitive going out the building, it grinds on our process when scanning every downloaded file.

    Thanks.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  15. SGN Installer should always log with extended msi-logging

    The SafeGuard client installers should log every installation and uninstallation with the paramter /L*vx to a documented folder.
    In case of error and/or compatibility issues the behaviour would be logged.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  16. SGN Installer should always log with extended msi-logging

    The SafeGuard client installers should log every installation and uninstallation with the paramter /L*vx to a documented folder.
    In case of error and/or compatibility issues the behaviour would be logged.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  17. AD Sync check

    Our customer had an issue recently, with the SGN console not able to push the AD modifications to the SQL database ; as a consequence, all the users went out of the domain, and were not having the regular policy. Customer found the root cause of this issue, which is the adding of a domain in self-reg, with the Netbios name "XX" (existing one), followed with the renaming of the correct one. We know that this action is not done by our APIs, which are only getting the information.

    In order to no longer have this situation reproduced (it happened…

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  18. encrypt zip file

    Sophos DLP can not block .zip files with password.
    Blocking works only for passwords placed directly on files, such as .xls or .doc, but if the file is without a password and the password is put into compression, the tool can not recognize and lock the file.
    With this it is possible to leak information, causing a large breach in data security.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  19. Block recepient address in SMTP proxy

    The option is required to block recipient email address in SMTP proxy to block users sending to their personal email accounts or to control recipient address if users are sending email to resigned employees by mistakenly.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  20. Safeguard 8.0 collect addition inventory information 'MAC' address of client machines to help identify in addition to hos

    Safeguard 8.0 Feature request to collect addition inventory information 'MAC' address of client machines to help identify in addition to host name.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.