Data Protection

Suggest, discuss, and vote on new ideas for Sophos Data Protection products. Protecting your data, wherever it goes.

Data Protection

Suggest, discuss, and vote on new ideas for Sophos Data Protection products. Protecting your data, wherever it goes.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Trigger a PIN reset for a specific machine from the SafeGuard Management Center

    On-premise SafeGuard Enterprise customers have been requesting the ability to remotely trigger a PIN reset for specific machines.

    A context menu item via right-clicking a Machine Object in the Management Center triggering a PIN reset the next time the SafeGuard client syncs would be the best implementation for this feature.

    10 votes
    Vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  2. Please add YubiKey to the supported smartcards

    Could you please add YubiKeys to your supported smartcards as it's a convient smartcard with multiple use cases. e.g. certificate based user authentication, otp functionality, code signing

    43 votes
    Vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  SafeGuard Enterprise File Encryption  ·  Flag idea as inappropriate…  ·  Admin →
  3. Make available a simple, free utility for Mac users to decrypt SafeGuard files created on a Windows system.

    Make available a simple, free utility for Mac users to decrypt SafeGuard files created on a Windows system. If such a utility exists, inform the Sophos chat agents.

    Rather than have to set up a Windows VM for the express purpose of decrypting files, it would be awfully nice if there was a handy macOS utility one could use in place of the SGPortable.exe file that accompanies the media encrypted with the Windows SafeGuard products.

    7 votes
    Vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  SafeGuard Enterprise File Encryption  ·  Flag idea as inappropriate…  ·  Admin →
  4. network aware POA

    Ability to have Network Aware POA on machines (especially BitLocker as there is no user-based POA).

    Many customers need the ability to disable POA on devices in the office - for example shared machines. If the device is stolen, then POA should be enabled immediately. We are currently working on a 3,000 user company with Call Centre who love what we can do in Win7 but need a comparable approach for BitLocker managed machines.

    This would apply for Central as well however we have a larger SGN deployment base today so SGN is the most important starting place.

    32 votes
    Vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  5. SGN - Message "old password"

    The Message to enter the old password (usually after resetting the PW by an AD-Admin) often confuses users and admins. The procedure is completly described in KBA 112239, but has to be delivered by the support.

    The message could be improved by directly mentioning or referring to KBA 112239. This could help admins and users to find the solution without calling any support

    1 vote
    Vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  SafeGuard Enterprise Full Disk Encryption  ·  Flag idea as inappropriate…  ·  Admin →
  6. Enable Destination Exclusions in Data Loss Prevention Policy Control Panel

    I want to be able to use the Data loss prevention feature in Sophos Cloud Enpoint Protection.

    Problem is, we are unable to use it as when enabled, it also blocks us uploading files to our internal intranet sites via IE. I can see no way of setting destination exclusions for the data loss prevention feature. Which basically truns a potentially amazing feature into an unusable technical tease.

    My suggestion is to add destination exclusions to the Data Loss Prenetion Policy. It should allow file transfer exclusions for internal addresses and allow manual destination exclusions. i.e. Blocks transfers via WeTransfer…

    4 votes
    Vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  7. Ubuntu

    to allow the encryption and management of Ubuntu workstation as part of SafeGuard Enterprise

    13 votes
    Vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  8. Safeguard 8 Managed Client Enhancement request for SafeGuard to disallow “suspension” of BitLocker on client.

    Safeguard 8 Managed Client Enhancement request for SafeGuard to disallow “suspension” of BitLocker on client.

    the FDE capability are primarily governed by the following requirements:

    ·

    Maintain or improve existing security posture of the Windows 7 platform

    ·

    Ensure end users cannot suspend/remove installed security controls

    As our current FDE solution in the Windows 7 environment prevents end users from suspending/removing full disk encryption provided by Sophos Safeguard 7.x, we are looking to preserve the same level of security in
    our upcoming Windows 10 platform

    7 votes
    Vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  9. Data discovery

    The EU General Data Protection Regulation (GDPR) is the most important change in
    data privacy regulation. We need to answer the question "where is PII data" to protect. It would be great if we could identify where PII data is by using Sophos.

    1 vote
    Vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →

    What’s being requested here sounds like a data at rest feature, this is a lot different from what we have today, we don’t currently have any plan to add this type of feature in our products. We are looking at GDPR and the current DLP feature to see what we would need to do to be able to support the GDPR requirements from a data in motion aspect.

  10. Include support for preselecting a domain at the Credential Provider

    Requested by Customer:
    When an environment is made up of two domains with a federation trust, there is no way to preselect a domain, or force an alias, at the SafeGuard Credential Provider, but at the Windows provider, this can be controlled by a GPO.
    Ex. There is a trust between domain 1 and domain 2, machines in both domains are presented with their logon domain as "domain" at the provider and have SSO to both domain 1& 2 for applications etc. The names domain 1 & 2 are hidden from the end-user.

    9 votes
    Vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  11. Remove old clients from Management Center via GUI

    Customer is asking for the possibility to remove old clients via a GUI window "en bloc" - means that user should get a window with criterias (like last server contact date) to pre-select shown clients and the her should be able to tick mark all clients that should get removed from database.

    6 votes
    Vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  12. Bitlocker - Capture Encryption Start Event - 3503

    When SafeGuard manages a Bitlocker full disk encryption device, event code 3503 - Sector-based initial encryption of drive 'X:' started" should be captured in the Event log of the Safeguard Management console.

    3 votes
    Vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  13. SGN8: application based encryption: prevention of decryption

    With SGN8 and application based encryption users also have the possibilty to manually decrypt encrypted files or to create password protected HTML5 containers (which has the same effect) by using the context menue. One of the first questions customers ask us: can I prevent users from doing this?
    Actually I can't. So the feature request is: policy based elimination of the possibility to manually decrypt encrypted files to prevent data leakage.

    48 votes
    Vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  SafeGuard Enterprise File Encryption  ·  Flag idea as inappropriate…  ·  Admin →
  14. Allow administrators to configure alert settings

    Really need to have the ability to manage alerting from the Sophos Central console.

    6 votes
    Vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  15. Remove SGN Credential Provider dependency

    Remove the dependency of the SGN Credential Providers and use the Windows standard Providers for Authenticating Users with and without smartcards.
    So the Software is more standard compliant and many problems are solved.

    3 votes
    Vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  16. Windows Lockscreen Configuration

    At the moment it is not possible to configure the windows 10 locksreen if Safeguad is installed.
    Please make it possible to let the admin choose if it is possible or not.
    Best would be to configure it via Windos GPO. To configure it via Safeguard policy would be an alternative way.

    22 votes
    Vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  17. Add SGN 8 policy to automatically Decrypt outbound Outlook file attachments

    SGN 8 Synchronized Encryption requires an add-in to manually specify that outbound attachments should be decrypted, or encrypted with a password, or sent as is, but this is not necessary or desirable if there is already an email encryption system in place. I don't want to have to force my users to decision each attachment with SGN when I already have a better email encryption solution in place. There should be auto-decrypt zones such as "outbound outlook attachments".

    10 votes
    Vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  18. 802.1x authentication

    Support for 802.1x authentication used mainly when connected to Wifi

    2 votes
    Vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  SafeGuard Enterprise File Encryption  ·  Flag idea as inappropriate…  ·  Admin →
  19. Need to add IDENTITY FINDER to your list of applicaitons to cotrol

    Your application control feature is currently seeing Identity Finders "SHREDDING" function as ransomware and throwing false alarms. We have no way to stop the false alarms as identity finder is not listed in the list of applications to control or not control

    1 vote
    Vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
  20. disable option decipher file from policies

    disable option decipher file from policies to avoid from certain group users decipher files to send or change location but they can work with them.

    1 vote
    Vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  SafeGuard Enterprise File Encryption  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.