Data Protection

Suggest, discuss, and vote on new ideas for Sophos Data Protection products. Protecting your data, wherever it goes.

Data Protection

Suggest, discuss, and vote on new ideas for Sophos Data Protection products. Protecting your data, wherever it goes.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Background DLP scan for Inventory

    DLP content control list data inventory.
    Add the ability to schedule or kick-off a full scan for files on the filesystem that match content control lists. This will allow users to discover where files which contain sensitive data on their servers may be located and alert if future files show up in places where they should not be.

    11 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  2. Data Loss Prevention URL Whitelisting for Browser

    Data Loss Prevention should be able to allow or block a file with specific extensions downloaded from particular Whitelisted URL in a browser.
    The same file can only be uploaded to that specific Whitelisted URL in a browser but should be blocked on other URLs in browser.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  3. Disable the postponed tab from the Sophos encryption endpoint.

    We have created in our policy below sections,


    1. Enabled Require startup authentication

    2. Enabled new authentication password/pin from users after 3 months

    By creating we have seen users are just postponing the new authentication and we are getting this alerts after 5 times postponed by user which is a big thing to troubleshoot.

    If we can disable the postponed tab in the dailouge box poped out automatically from sophos we can reduce this unnecessary alerts.

    And we have 1000 users environment enrolled which is very much difficult to maintain and we need to enforce our policy mentioned above.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  SafeGuard Enterprise Full Disk Encryption  ·  Flag idea as inappropriate…  ·  Admin →
  4. Record the user's file operation details those associated with a peripheral

    We need more event logging information to show the user's file operation details associated with a peripheral. This is very very useful for generating data leakage evidence reports.

    7 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  5. Data Loss Prevention Events Logs

    İt should be possible to view data loss prevention events logs for 1 year or more with policy. It can be viewed last 90 days for now. It is not enough. If it increases , it will make it useful.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  6. After disabling pin via CMD, Sophos Encryption should produce warnings and ask for a new pin.

    Disabling the pin in a TPM+Pin configuration via command line on the local machine for Sophos Central Encryption never prompts for a new pin, or generate any alerts. Using the command "manage-bde -protectors -add C: -tpm" removed the pin requirement from the machine. After it is disable and the machine reboots multiple times, Sophos never asks for a new pin, despite the "Require startup authentication" being turned on for the policy of that computer. Additionally no warnings of this happening are generated, no emails are sent, the machine remains green with the checkmark. The only indication is that the Authentication…

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Sophos Central Full Disk Encryption  ·  Flag idea as inappropriate…  ·  Admin →
  7. Safe Mode Protection in Windows

    Sophos EPP currently do not control the user when logged in Safe Mode, which can be threatening to the data security on both Client & Server side.

    Sophos must figure out, to prompt Tamper Protection Password immediately after Safe Mode Login by the User. Only after validating Tamper Protection Password, User would be able to use the Computer.

    This Tamper Protection Password prompt must be User role managed.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  8. create the password-protected file with the expiry date

    I got a lot of requests that Sophos should has this feature.

    while creating the password-protected file, Sophos should have the ability to set the expiry date in order to protect the file that sending out of the office.

    30 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  SafeGuard Enterprise File Encryption  ·  Flag idea as inappropriate…  ·  Admin →
  9. Safeguard - Feature idea - User defined key when using device Password

    Hello,

    I want to share a feature idea for Sophos Safeguard.

    When encrypting a removable device like a USB stick, there is an option to set the key which is used to encrypt the data. This option only works when you don’t set media passphrases. If you define a passphrase for the USB Stick the users key gets used. I would like to request that both options in combination still work.

    To describe the scenario. An employee has a USB drive and encrypts this device then everyone else in the company should be able to access this data without the…

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  SafeGuard Enterprise File Encryption  ·  Flag idea as inappropriate…  ·  Admin →
  10. outlook domain inclusion list

    In addition to the Outlook add-in "Always ask how to proceed with attached file" policy exclusion list, I'd like to see an inclusion list. For most of our clients, we handle data that doesn't need to be secured. There are a few domains for financial institutions and other organizations where we do tend to handle more sensitive data for. I'd love to have "always ask" on for just those domains we need to be more secure with.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Sophos Central Full Disk Encryption  ·  Flag idea as inappropriate…  ·  Admin →
  11. RDP data transfer

    Can we include restricting and monitoring data movement between RDP connections and local system using DLP

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  12. Using Sophos Encryption with DLP

    Per support it is apparently a bug to run Sophos encryption with DLP at this time:

    https://community.sophos.com/kb/en-us/120861

    We have rolled out encryption in phase one and was intending to implement DLP in phase two. All attempts to use DLP in our pilot program leads to everything being blocked due to encryption.

    This post is to simply track the progress of the bug fix release to allow both solutions to work together.

    5 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Sophos Central Full Disk Encryption  ·  Flag idea as inappropriate…  ·  Admin →
  13. FastUserSwithing no longer works after uninstall

    once uninstalled, SGN does not restore the functionality that was initially activated on the workstation (nor even warns the admin that the workstation will not be returned to its initial state): FastUserSwithing no longer works

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
  14. Disk encryption in other ways

    Unfortunately, there is currently no way to automatically authorize company notebooks if they are on the company network. No matter whether with or without TPM.
    Furthermore, there is no way to assign the encryption password Central, so that not every user can enter their own.
    Unfortunately, there is also no way to create central sticks that are required for encryption.
    Windows offers these options with Bitlocker, but it is not yet centrally supported by Sophos Device Encryption.

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Sophos Central Full Disk Encryption  ·  Flag idea as inappropriate…  ·  Admin →
  15. Exception of a DLP case

    If you have a key file that is not read directly via Explorer, it is simply blocked and there is no possibility of including it in the exceptions unless you deactivate the DLP on the client concerned. Of course, this is a bit of a hassle for companies.
    We discovered the problem at Starmoney. A file is created there, without which it is not possible to open Starmoney. Bad if this is then blocked by the DLP.
    According to the support, I should then deactivate the DLP and work in Starmoney and then reactivate it, which of course is not…

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  16. Linux full Disk Encryption

    Hi,

    It will be nice to have full disk encryption for Linux RedHat, Centos and Ubuntu. Especially these days when government require encryption on their machine. These distributuins are the most used

    Unlike Luks encryption, users should not need to decrypt the disk with a pass code before logging with their domain name.

    Encryption should be controlled from one central point

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Sophos Central Full Disk Encryption  ·  Flag idea as inappropriate…  ·  Admin →
  17. web user option to ask administrator to allow permission to access a website or category

    web user option to ask administrator to allow permission to access a website or category.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  18. DLP Scan Clipboard and Email

    It would be great if DLP could scan the clipboard, and in and outbound email for text matching the bank details profile.

    At the moment it only scans files containing card data, I would like to see it cover a more broad number of scenarios.

    We have found that users would be more likely to write or copy card details into the body of an email, then they are to go to the lengths of creating a file, adding the details, saving the file, and emailing it.

    Thanks

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  19. Amazon Workspaces environment needs Sophos SafeGuard Client

    More of our employees and contractors are using laptops remotely and we are creating Amazon workspaces for them to remote into so they are on the company network. Sophos SafeGuard Client does not install on workspaces as the environment is Server 2016 and Server 2012 emulating Windows 10 or Windows 7 for the user. Without the install, the users are not able to access any file shares that are encrypted on the network. This is the only service that is needed. We don't need to encrypt the workspace drive. This is preventing remote staff from working. The remote laptops cannot…

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  SafeGuard Enterprise File Encryption  ·  Flag idea as inappropriate…  ·  Admin →
  20. The ability to encrypt all connected drives (USB, etc...), not just the local drive.

    I need to be able to encrypt all USB drives that get connected to our systems. We have a lot of users who backup up to external drives, which could easily be stolen. Also need to encrypt any usb flash drives that are being used as well. This is a high priority.

    18 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Sophos Central Full Disk Encryption  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 6 7
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.