should be available feature to exclude using domain name in DLP polic

Please add also cyrillic symbols into DLP engine in EPP.
It's a very important feature for CIS countries' customers.

Sophos Data Control feature in the endpoint solution is incompatible with Secure Boot. Secure Boot is the foundation for Microsoft's Windows security stack since Windows 8. Data Control under Secure Boot blocks all USB file transfers.
Sophos Tech team advised to disable secureboot option. But this is not practical in large organizations with branches in different locations. Many companies require DLP solutions for compliance and will likely switch products if Sophos can't find a way to work with Secure Boot.

In DLP Alerts for files that interact with web browsers, is it possible to show the web address that the file interacted with?

For example: a user uploads a file which trips the alert into Google Drive.
The alert would show User, File Path, File Name, Application: Google Chrome, Web Address: drive.google.com

I would like to list the number of records on a Custom Content Control List. So if I have a custom Account number, I want to list the number of those accounts that can be sent at one time. Right now, all I can do is specify the custom account or match a certain phrase. The only categories that I can specify the number of matches is on the Sophos Default DLP Policies.

I created a USB DLP policy to allow, but track all USB transfers. Transfers are tracked locally on the end point, but the log data is not transferred to reporting in the sophos admin console. It would be incredibly useful to see the same information that is tracked in the local log in the admin console as well. Other DLP policy matches make it there, why can't these?

Sophos Data Control feature in the endpoint solution is incompatible with Secure Boot. Secure Boot is the foundation for Microsoft's Windows security stack since Windows 8. Data Control under Secure Boot blocks all USB file transfers. Many companies require DLP solutions for compliance and will likely switch products if Sophos can't find a way to work with Secure Boot.

I would like to see what Sophos saw that caused it to trigger a DLP alert. It would be nice to have detailed visibility on what was detected. A SS#? A PAN? A Date of Birth? That way we have concrete evidence of what was detected so we may approach the end user with solid data rather than a general name of the policy.

It would be nice if there was an optional value that could be set to allow the ability to save files opened over a network share or USB device back to the original device without requiring the need to save locally and move the saved file back to the network/USB resource when DLP is enabled. Currently, on Windows systems, it appears this can only be done when Windows Indexing is disabled.

Please create the ability to change RMS from using a self-signed certificate to being able to import a Trusted third party CA signed certificate.

I have notice that pretty much all our downloads as well as uploads are captured as events by the DLP engine when setting policy for web browsers.

This can mean the controlled items list becomes huge and the central events log is way to big to get anything meaningful in terms of data leaving via web.

All the data loss tools I've used generally only capture outbound events, as this is the nature of Data Loss Prevention.

Data Control - Add extension list for each File Type Group

We would like to request to display file extension for each file type group on Sophos Central.
This feature is available in Sophos SEC but when using cloud it is not showing.
Thanks.

When downloading a file from browser with data control policy. There is an alert and logging on Data Events. (example: blocking of spreadsheet with content rule)
This happens on both file rule and content rule.

Also, the log event's source path and destination type is interchanged.

We enable DLP on all desktops and web browsers however we have an internal system where we need to upload files to using a web browser. We would like to exclude URL's based on a list so these can be sent using any browser without the DLP client kicking in and scanning the files.

When Sophos Data Control is scanning for PII, I would like the ability to disable the "The file is being scanned for sensitive data. Please wait." message. This message would cause confusion among users and unnecessarily increase call volume for my helpdesk.

Client request for data control rules to only be scanned once instead of each rule one by one.

For example if the client has 6 rules, the system may take a little bit longer to copy a file.

Whereas when one rule is applied it takes less time.

Would like the file to be scanned once if possible.

Allow an exclusion of website destinations in which documents that would otherwise be blocked by DLP can be uploaded. This is useful for company portals where the document would reside within the network anyway.

Current endpoint data control policies do not detect cloud storage providers as a destination to monitor. More people are using cloud storage in favour of traditional storage mediums such as USB pens.

It's important that Sophos are able to monitor and block data transfers to these destinations. When combined with SGN it would make for a powerful story.