Data Protection

Suggest, discuss, and vote on new ideas for Sophos Data Protection products. Protecting your data, wherever it goes.

Data Protection

Suggest, discuss, and vote on new ideas for Sophos Data Protection products. Protecting your data, wherever it goes.

Suggest an Idea...

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. windows 10 poa

    Implement Windows 10 POA with Smartcards like in Windows 7. Only the BitLocker PIN is not Enterprise ready in my humble opinion..

    50 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  2. safeguard outlook 64 bit

    Safeguard Outlook 64 bit is not supported - please get this supported.

    49 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  SafeGuard Enterprise File Encryption  ·  Flag idea as inappropriate…  ·  Admin →
  3. SGN8: application based encryption: prevention of decryption

    With SGN8 and application based encryption users also have the possibilty to manually decrypt encrypted files or to create password protected HTML5 containers (which has the same effect) by using the context menue. One of the first questions customers ask us: can I prevent users from doing this?
    Actually I can't. So the feature request is: policy based elimination of the possibility to manually decrypt encrypted files to prevent data leakage.

    48 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  SafeGuard Enterprise File Encryption  ·  Flag idea as inappropriate…  ·  Admin →
  4. Please add YubiKey to the supported smartcards

    Could you please add YubiKeys to your supported smartcards as it's a convient smartcard with multiple use cases. e.g. certificate based user authentication, otp functionality, code signing

    37 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  SafeGuard Enterprise File Encryption  ·  Flag idea as inappropriate…  ·  Admin →
  5. Define Password Complexity from Central

    Please add some more Bitlocker configuration possibilities, like the option to configure the password complexity, as described here:
    http://windowsitpro.com/security/q-how-can-i-set-password-complexity-removable-bitlocker-protected-devices

    35 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Sophos Central Full Disk Encryption  ·  Flag idea as inappropriate…  ·  Admin →

    This is on the backlog for a future release.
    We can’t control the GPO settings for the password complexity which means that if the Admin overrides password rules via central GPO settings then we can’t enforce the Central Device Encryption password rules on the endpoint. However, if there are no password rules defined via GPO, the Central Device Encryption password rules will apply.

  6. Support for Central Device Encryption on Server platforms

    Manage BitLocker on Server platforms and also support a cost-effective decommissioning process of drives.

    35 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Sophos Central Full Disk Encryption  ·  Flag idea as inappropriate…  ·  Admin →
  7. Enable User Switching?

    Didn't catch this lack of support of a basic Windows feature until launching our wide rollout to the hospital PCs. Disabling U.S. might be fine in enterprise large office environments where a cube-dweller uses their dedicated PC for an 8 hour shift. But your product strangles a feature that's ingrained in smaller medical / industrial / retail PC usage. Without U.S. ability, using SafeGuard means a nurse has to close their apps (usually an EMR, Radiology, Lab reports web-view, security system monitor, etc.) and log out completely every time she has to leave the station to bring a new mother…

    35 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  8. network aware POA

    Ability to have Network Aware POA on machines (especially BitLocker as there is no user-based POA).

    Many customers need the ability to disable POA on devices in the office - for example shared machines. If the device is stolen, then POA should be enabled immediately. We are currently working on a 3,000 user company with Call Centre who love what we can do in Win7 but need a comparable approach for BitLocker managed machines.

    This would apply for Central as well however we have a larger SGN deployment base today so SGN is the most important starting place.

    32 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  9. Remotely trigger a PIN reset from the Central Dashboard for machines using encryption.

    Having the ability to force a user to change their PIN via a request from the Central dashboard would be useful. We've gotten a number of requests for the ability to do this from sysadmins.

    31 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Under Review  ·  0 comments  ·  Sophos Central Full Disk Encryption  ·  Flag idea as inappropriate…  ·  Admin →
  10. Microsoft Edge

    Support Microsoft Edge as a Browser Destination for DLP. This is the default browser for Windows 10, and it cannot be removed.

    The browser destination features of DLP are severely limited without this.

    31 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  11. Support for BitLocker To Go

    Manage full disk encryption on removable media by introducing a new policy setting for BitLocker To Go.

    25 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Sophos Central Full Disk Encryption  ·  Flag idea as inappropriate…  ·  Admin →
  12. Filestream Google

    Although Google Drive Encryption files is supported by Sophos, FileStream it is not. It would liberate resources from computer as it is not mandatory to have files downloaded. As Safe Guard 8.1 encrypts files in local it doesn't work with this cloud resource.
    Dropbox has a similar resource.

    23 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  SafeGuard Enterprise File Encryption  ·  Flag idea as inappropriate…  ·  Admin →
  13. Windows Lockscreen Configuration

    At the moment it is not possible to configure the windows 10 locksreen if Safeguad is installed.
    Please make it possible to let the admin choose if it is possible or not.
    Best would be to configure it via Windos GPO. To configure it via Safeguard policy would be an alternative way.

    22 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  14. Bitlocker GPO/Policy-RSOP-Tool

    Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption

    It is possible, that SafeGuard (or Central) Policies collide with Bitlocker GPO without recognizing it.
    It might be confusing to separate SGN local cache values with Bitlocker registry-entries.

    A simple Client tool should match HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE with die LC-Policies and create a *.xml into %ALLUSERSPROFILE%\Utimaco\SafeGuard Enterprise\

    In this folder the log is automatically gathered by the SDU without changing and can be used even on older SG-versions.

    The shortly described values should be matched as a simple "match"/"mismatch"/"not configured" to easily see possible configuration errors.

    The tool is independent from the client itself and can…

    17 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  15. Official support for VMWare Horizon (former VMWare VDI)

    Customer switch its desktop environment to VDI environment. They need official support for this VDI platform.

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  16. Support Apple Open Directory with SGN

    OSX client based on Apple Open Directory should be fully manageable with the SGN Management Center.
    FileVault2 and File Encryption policy should be fully applicable for those kinds of objects (machines and users).
    Use cases like re-image of client or re-name of user should be part of implementation.

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  17. Ubuntu

    to allow the encryption and management of Ubuntu workstation as part of SafeGuard Enterprise

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  18. Filestream Google

    Although Google Drive Encryption files is supported by Sophos, FileStream it is not. It would liberate resources from computer as it is not mandatory to have files downloaded. As Safe Guard 8.1 encrypts files in local it doesn't work with this cloud resource.
    Dropbox has a similar resource.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  SafeGuard Enterprise File Encryption  ·  Flag idea as inappropriate…  ·  Admin →
  19. Turn on SGMTrace-Logging via button

    The SGMTrace-Logging could be "acitivated" and "deactivated" (= changing Minimumtracelevel from 5a to 0 and back) via buttons in the about-box of SGN.

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  20. Allow Mass Verification of Key Presence in SGN Database

    There should be a process, field, alert, literally ANYTHING that allows us to check, en masse, the presence of a valid recovery key. The only way to make sure that a valid key exists is to check the machines manually.

    We have had issues with Surfaces, where the key becomes corrupted or lost or something, and we don't realize there is a problem until we have to actually do a recovery.

    Other products have an alert or something that says when a client is in a state that isn't optimal. SGN does not. It should be easy to query the…

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
← Previous 1 3 4 5 6
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.