Data Protection

Suggest, discuss, and vote on new ideas for Sophos Data Protection products. Protecting your data, wherever it goes.

Data Protection

Suggest, discuss, and vote on new ideas for Sophos Data Protection products. Protecting your data, wherever it goes.

Suggest an Idea...

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. disable option decipher file from policies

    disable option decipher file from policies to avoid from certain group users decipher files to send or change location but they can work with them.

    1 vote
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  SafeGuard Enterprise File Encryption  ·  Flag idea as inappropriate…  ·  Admin →
    • Currently Single Sign-on caches the Windows credentials indefinitely.

      If a user logs into a machine with Single Sign-on enabled, SafeGuard's POA caches the credentials of the user and does not clear them. This leads to the possibility that a user could log into POA, walk away to get coffee, and, if delayed, could have a different user log into Windows with their cached credentials. This would allow the secondary user access to network and local resources that could be blocked normally including sensitive/private/classified data.

      3 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • sso
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
      • Data Control option to scan only when uploading not while downloading

        Data Control scans files both when downloading and uploading files to the web which is crazy...

        Well it's fair enough to have the option.

        Data Control can take ages to scan files...

        I think there should be a setting within the policies to only scan in one direction up, down of both.

        We use it as data loss prevention software to log sensitive going out the building, it grinds on our process when scanning every downloaded file.

        Thanks.

        1 vote
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • sso
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
        • Support Apple Open Directory with SGN

          OSX client based on Apple Open Directory should be fully manageable with the SGN Management Center.
          FileVault2 and File Encryption policy should be fully applicable for those kinds of objects (machines and users).
          Use cases like re-image of client or re-name of user should be part of implementation.

          15 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • sso
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
          • SafeGuard Watchdog should also monitor status of SGNAuthService and reset it if it hangs

            SafeGuard Watchdog should also monitor status of SGNAuthService and reset it if it hangs. Customers provide feedback that if the SG Credential Provider will not show up when trying to login a manual restart of SGNAuthService will help.
            So why not using our own watchdog to get rid of this issue?

            9 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • sso
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
            • Thunderbolt docks on POA

              A customer wants suppor for Thunderbolt Docking Stations within the POA.

              Case 6612294

              1 vote
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • sso
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
              • SGN Installer should always log with extended msi-logging

                The SafeGuard client installers should log every installation and uninstallation with the paramter /L*vx to a documented folder.
                In case of error and/or compatibility issues the behaviour would be logged.

                3 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • sso
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
                • SGN Installer should always log with msi-Paramter /L*vx

                  The SafeGuard client installers should log every installation and uninstallation with the paramter /L*vx to a documented folder.
                  In case of error and/or compatibility issues the behaviour would be logged.

                  3 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • sso
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
                  • SGFE for Mac - policy vs. interface

                    Some attention to the interface would seem necessary to address perceived "shortcomings" in the product regarding external media (thumb drives...)
                    Background:
                    Policy set to always encrypt. Dialog box pops up asking if user wants to encrypt.
                    Currently:
                    No encryption takes place until the dialog box is addressed even though policy is to always encrypt.
                    This leaves a window of opportunity for the user to not encrypt the drive/data. Arguably that is nice, in the event the drive is not yours, and it would be problematic to encrypt data on a drive that is from a user outside of the organization... …

                    1 vote
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • sso
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      0 comments  ·  SafeGuard Enterprise File Encryption  ·  Flag idea as inappropriate…  ·  Admin →
                    • AD Sync check

                      Our customer had an issue recently, with the SGN console not able to push the AD modifications to the SQL database ; as a consequence, all the users went out of the domain, and were not having the regular policy. Customer found the root cause of this issue, which is the adding of a domain in self-reg, with the Netbios name "XX" (existing one), followed with the renaming of the correct one. We know that this action is not done by our APIs, which are only getting the information.

                      In order to no longer have this situation reproduced (it happened…

                      11 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • sso
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
                      • Include Computername in Challenge/Response

                        A Platinum Customer wants to include the hostname in the Challenge/Response to make sure that Response Codes fits to the machine.

                        The reason is described in sophtrac case 5777475.

                        1 vote
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • sso
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                        • Display failed login attempts after SG CP authentication

                          After user authenticates through SG CP, a Windows GPO can trigger a display of the last successful and unsuccessful login attempts. The SG CP shows the successful attempts correct, but has a count of zero for correct logins. Displaying this information works correct when Windows CP is used. The information is stored in the OS but the SG CP doesn't appear to pull the failed amount correct.

                          1 vote
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • sso
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                          • SGN Installer should always log with extended msi-logging

                            The SafeGuard client installers should log every installation and uninstallation with the paramter /L*vx to a documented folder.
                            In case of error and/or compatibility issues the behaviour would be logged.

                            0 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • sso
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
                            • SGN Installer should always log with extended msi-logging

                              The SafeGuard client installers should log every installation and uninstallation with the paramter /L*vx to a documented folder.
                              In case of error and/or compatibility issues the behaviour would be logged.

                              0 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • sso
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                0 comments  ·  New Data Protection Ideas  ·  Flag idea as inappropriate…  ·  Admin →
                              1 2 3 5 Next →
                              • Don't see your idea?

                              Feedback and Knowledge Base

                              icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-lightbulbCreated with Sketch.