SGLC Client should support XenApp 7.15 terminal services on Windows Server 2016

Could you please add YubiKeys to your supported smartcards as it's a convient smartcard with multiple use cases. e.g. certificate based user authentication, otp functionality, code signing

Ability to have Network Aware POA on machines (especially BitLocker as there is no user-based POA).

Many customers need the ability to disable POA on devices in the office - for example shared machines. If the device is stolen, then POA should be enabled immediately. We are currently working on a 3,000 user company with Call Centre who love what we can do in Win7 but need a comparable approach for BitLocker managed machines.

This would apply for Central as well however we have a larger SGN deployment base today so SGN is the most important starting place.

to allow the encryption and management of Ubuntu workstation as part of SafeGuard Enterprise

The EU General Data Protection Regulation (GDPR) is the most important change in
data privacy regulation. We need to answer the question "where is PII data" to protect. It would be great if we could identify where PII data is by using Sophos.

Remove the dependency of the SGN Credential Providers and use the Windows standard Providers for Authenticating Users with and without smartcards.
So the Software is more standard compliant and many problems are solved.

At the moment it is not possible to configure the windows 10 locksreen if Safeguad is installed.
Please make it possible to let the admin choose if it is possible or not.
Best would be to configure it via Windos GPO. To configure it via Safeguard policy would be an alternative way.

Your application control feature is currently seeing Identity Finders "SHREDDING" function as ransomware and throwing false alarms. We have no way to stop the false alarms as identity finder is not listed in the list of applications to control or not control

Data Control scans files both when downloading and uploading files to the web which is crazy...

Well it's fair enough to have the option.

Data Control can take ages to scan files...

I think there should be a setting within the policies to only scan in one direction up, down of both.

We use it as data loss prevention software to log sensitive going out the building, it grinds on our process when scanning every downloaded file.

Thanks.

The SafeGuard client installers should log every installation and uninstallation with the paramter /L*vx to a documented folder.
In case of error and/or compatibility issues the behaviour would be logged.

The SafeGuard client installers should log every installation and uninstallation with the paramter /L*vx to a documented folder.
In case of error and/or compatibility issues the behaviour would be logged.

Although Google Drive Encryption files is supported by Sophos, FileStream it is not. It would liberate resources from computer as it is not mandatory to have files downloaded. As Safe Guard 8.1 encrypts files in local it doesn't work with this cloud resource.
Dropbox has a similar resource.

Sophos DLP can not block .zip files with password.
Blocking works only for passwords placed directly on files, such as .xls or .doc, but if the file is without a password and the password is put into compression, the tool can not recognize and lock the file.
With this it is possible to leak information, causing a large breach in data security.

According to support, DPL policies do not work on Macs. I tested it and unfortunately, they are correct. This is a great feature and needs to be rolled out to Macs.

Please move the recovery button a bit further from the OK button. UX principles would suggest that such a radically different function should not be close enough to the OK button such that an accidental click renders the system in a temporarily unusable state. OK/Clear/Recovery/Restart or something like that would be better to give a buffer for those of us with fat fingers and itchy mouse triggers.

When a network user logon to a computer with SGN installed and the user´s password is expired, SGN requests a password change.

SGN must have a way to disable this feature, preventing request a new password to network users when company uses a external Password Manager.

Providing SGPortable without Data Exchange or Cloud Storage would enable 3rd Party Users to read encrypted files provided by SGN-Users without using Outlook-Plugin (in addition to the ideas of SyncEnc Appication Wildcards and Keygeneration with passphrase in SGN MC)

With the ability to user wildcards for "any application" it would be possible to combine
- Synchronized encryption for the company
- Full File Encryption for certain paths

To generate Keys with passphrase it is necessary to create them on a client an sync them into the management before using them in a policy.
It would be easier and ore intuitive for admins to create them with passphrase in the management center.