Data Protection

Suggest, discuss, and vote on new ideas for Sophos Data Protection products. Protecting your data, wherever it goes.

Data Protection

Suggest, discuss, and vote on new ideas for Sophos Data Protection products. Protecting your data, wherever it goes.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. windows 10 poa

    Implement Windows 10 POA with Smartcards like in Windows 7. Only the BitLocker PIN is not Enterprise ready in my humble opinion..

    50 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  2. network aware POA

    Ability to have Network Aware POA on machines (especially BitLocker as there is no user-based POA).

    Many customers need the ability to disable POA on devices in the office - for example shared machines. If the device is stolen, then POA should be enabled immediately. We are currently working on a 3,000 user company with Call Centre who love what we can do in Win7 but need a comparable approach for BitLocker managed machines.

    This would apply for Central as well however we have a larger SGN deployment base today so SGN is the most important starting place.

    32 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  3. Windows Lockscreen Configuration

    At the moment it is not possible to configure the windows 10 locksreen if Safeguad is installed.
    Please make it possible to let the admin choose if it is possible or not.
    Best would be to configure it via Windos GPO. To configure it via Safeguard policy would be an alternative way.

    22 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  4. Bitlocker GPO/Policy-RSOP-Tool

    Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption

    It is possible, that SafeGuard (or Central) Policies collide with Bitlocker GPO without recognizing it.
    It might be confusing to separate SGN local cache values with Bitlocker registry-entries.

    A simple Client tool should match HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE with die LC-Policies and create a *.xml into %ALLUSERSPROFILE%\Utimaco\SafeGuard Enterprise\

    In this folder the log is automatically gathered by the SDU without changing and can be used even on older SG-versions.

    The shortly described values should be matched as a simple "match"/"mismatch"/"not configured" to easily see possible configuration errors.

    The tool is independent from the client itself and can…

    17 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  5. Support Apple Open Directory with SGN

    OSX client based on Apple Open Directory should be fully manageable with the SGN Management Center.
    FileVault2 and File Encryption policy should be fully applicable for those kinds of objects (machines and users).
    Use cases like re-image of client or re-name of user should be part of implementation.

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  6. Ubuntu

    to allow the encryption and management of Ubuntu workstation as part of SafeGuard Enterprise

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  7. Turn on SGMTrace-Logging via button

    The SGMTrace-Logging could be "acitivated" and "deactivated" (= changing Minimumtracelevel from 5a to 0 and back) via buttons in the about-box of SGN.

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  8. Allow Mass Verification of Key Presence in SGN Database

    There should be a process, field, alert, literally ANYTHING that allows us to check, en masse, the presence of a valid recovery key. The only way to make sure that a valid key exists is to check the machines manually.

    We have had issues with Surfaces, where the key becomes corrupted or lost or something, and we don't realize there is a problem until we have to actually do a recovery.

    Other products have an alert or something that says when a client is in a state that isn't optimal. SGN does not. It should be easy to query the…

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  9. SafeGuard Watchdog should also monitor status of SGNAuthService and reset it if it hangs

    SafeGuard Watchdog should also monitor status of SGNAuthService and reset it if it hangs. Customers provide feedback that if the SG Credential Provider will not show up when trying to login a manual restart of SGNAuthService will help.
    So why not using our own watchdog to get rid of this issue?

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  10. URGENT - Prevent SGN to Change AD Password

    When a network user logon to a computer with SGN installed and the user´s password is expired, SGN requests a password change.

    SGN must have a way to disable this feature, preventing request a new password to network users when company uses a external Password Manager.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  11. Safeguard Policy “access denied if no connection to server (days) (0=no check)” on machine with BitLocker

    The Safeguard Policy “access denied if no connection to server (days) (0=no check)” ability to get the same policy control preventing access on machine encrypted with BitLocker client being managed by Safeguard Enterprise

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  12. Trigger a PIN reset for a specific machine from the SafeGuard Management Center

    On-premise SafeGuard Enterprise customers have been requesting the ability to remotely trigger a PIN reset for specific machines.

    A context menu item via right-clicking a Machine Object in the Management Center triggering a PIN reset the next time the SafeGuard client syncs would be the best implementation for this feature.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  13. Safeguard 8 Managed Client Enhancement request for SafeGuard to disallow “suspension” of BitLocker on client.

    Safeguard 8 Managed Client Enhancement request for SafeGuard to disallow “suspension” of BitLocker on client.

    the FDE capability are primarily governed by the following requirements:

    ·
    Maintain or improve existing security posture of the Windows 7 platform

    ·
    Ensure end users cannot suspend/remove installed security controls

    As our current FDE solution in the Windows 7 environment prevents end users from suspending/removing full disk encryption provided by Sophos Safeguard 7.x, we are looking to preserve the same level of security in
    our upcoming Windows 10 platform

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  14. Ability to change the Windows 7 lock screen account picture

    Currently in Safeguard Management Center there are options available to change the background and logon image used at the POA, but no options to change the Windows account picture to say something more personalised for a company for example and it the program overrides whatever Windows 7 has it currently set to. It would be a nice touch if it was possible to have this ability added into Safeguard in some way, if possible please.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  15. Sophos Enterprise client

    Sophos Enterprise client should display client agent status regards to the disk encryption status. End user should be able to confirm endpoint encryption status.
    I’m fully aware about the SGNState tool.

    Thank you.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  16. support for Smartcards that are mapped to multiple accounts

    Provide support for Smartcards that are mapped to multiple accounts.

    https://blogs.technet.microsoft.com/askds/2009/08/10/mapping-one-smartcard-certificate-to-multiple-accounts/

    Because as IT-Guy i dont want 2 cards ... one for my daily work and on for my administrative work. With the Windows Credential Providers this works like a charme

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  17. Remove old clients from Management Center via GUI

    Customer is asking for the possibility to remove old clients via a GUI window "en bloc" - means that user should get a window with criterias (like last server contact date) to pre-select shown clients and the her should be able to tick mark all clients that should get removed from database.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  18. skylake and newer windows 7 POA

    The POA screen needs to be improved in V8 to fully support tokens (2 factor) and other usb devices.

    According to articale 123749:
    USB devices such as smart cards, tokens, and possibly some external human interface devices (HIDs) do not work on SafeGuard Device Encryption POA. These devices interact with the Extensible Host Controller Interface (XHCI), which is not planned to be supported by Sophos SafeGuard Device Encryption.

    This is simply unacceptable as bitlocker does not support hardware 2 factor either. This needs to be revisited.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  19. SGN - blocking installation of unwanted modules

    One of our customer would like to be able to block the installation of modules which have not been purchased.

    By default, the xml licence file does contain some default values, and it looks like the installation executable does not check the licence count, as the only count is done at the beginning of Safeguard Management Center.

    Customer would like to make sure that it would not be possible to install non purchased modules.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  20. 4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)
    You have left! (?) (thinking…)
← Previous 1
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.