Sophos Mobile

Suggest, discuss, and vote on new ideas for Sophos Mobile. Countless devices, one solution.

Suggest an Idea...

Hide the display of apps for user privacy

For privacy reasons it should be possible to hide the display of apps via a setting at the customer property screen in a similar way as the ability to control the locate funcitonality

17 votes
Sign in
Check!
(thinking…)
Reset
or sign in with
  • sso
  • facebook
  • google
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    10 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...
      • Samir Maktabi commented  ·   ·  Flag as inappropriate

        The new 8.5 General>Privacy tab is definitely an improvement, but the way the “Hide installed Apps” has been solved, it does not actually solve the GDPR issue. According to the GDPR admins/helpdesk should not be able to see PRIVATELY installed apps on a PRIVATELY enrolled device.
        It is important that this feature work differently whether it is a corporate enrolled device or a privately enrolled device.
        On a corporate device, admin or helpdesk can see all apps installed on the device. And in order to support the user it can be helpful for the helpdesk to see if a (corporate) app has been installed.
        On a private enrolled device, helpdesk needs to see which corporate apps that are installed on the device, BUT NOT which privately installed apps that are on the device.
        As default: “helpdesk” should be able to see all apps on corporate devices and only corporate pushed apps on private enrolled devices. These default options do not need be handled under this Privacy setting. The new Privacy setting should only be used for privately enrolled devices and if permitted then show the privately installed devices.
        It should only be the DPO (or super duper admin) who has a unique password, who can change the permission.
        Great with the log feature by the way!
        As it works right now any helpdesk person can enter any reason into the log, e.g. helping a salespersons, and use the permission also to check out the CEO’s device.
        And this also goes for the “locate device” function

      • Samir Maktabi commented  ·   ·  Flag as inappropriate

        On an iOS or Android device, that has been enrolled as a Personal device, I can still see the privately installed apps on the device.
        I believed that this was changed on Sophos Mobile 8.0, but now on 8.1 it's viewable again.
        According to GDPR admins nor helpdesk should not be able to see privately installed apps on a Personal/BYOD device.
        Please address this as soon as possible

      • Anonymous commented  ·   ·  Flag as inappropriate

        It must not be possible for the administrator to see all installed apps on a private device -- there even shouldn't be a choice for the administrator. As Franz Weinert said, he shall only see apps, which were installed by the mdm.

      • Anonymous commented  ·   ·  Flag as inappropriate

        This feature makes absolute sense - especially in BYOD environments!

        If not realized I see non-compliance with the EU GDPR when privately owned mobile devices are used for business purpose.

      • Franz Weinert commented  ·   ·  Flag as inappropriate

        Even though it is recommended for Companies with a works Council // there shall be a Option where you can only see installed apps wich are installed by the mdm and personal apps shall be not seen in the list at all.

        Must have!

      • Rene commented  ·   ·  Flag as inappropriate

        On perspective of a privacy data protection compliance this is a must have.

      • Anonymous commented  ·   ·  Flag as inappropriate

        And also for SSP users who mark their devices as private (or maybe with a third state) the displayed apps on the device properties should be hided.

      • Kaoru Higa commented  ·   ·  Flag as inappropriate

        Feature for private device.
        A user want a feature if a device is registered as a private device, administrator can choose to get or not installed apps.

        Is it possible to have this feature?

      Feedback and Knowledge Base

      icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-lightbulbCreated with Sketch.