Apparently Mac OS is not currently supported by Sophos Endpoint DLP. We have a decent number of Mac laptops in use in our environments and have a need to protect PII. Please consider building out the DLP module to support the Mac OS.

Please add also cyrillic symbols into DLP engine in EPP.
It's a very important feature for CIS countries' customers.

In DLP Alerts for files that interact with web browsers, is it possible to show the web address that the file interacted with?

For example: a user uploads a file which trips the alert into Google Drive.
The alert would show User, File Path, File Name, Application: Google Chrome, Web Address: drive.google.com

I am using your Endpoint protection trial version for the past few days. We work on 3D animation. It would be very helpful if you can block these file types. These file types are related to our 3D applications. I want these file types to be blocked from uploading . Can you do it?

1 .3ds
2 .abc
3 .mb
4 binary.fbx
5 .ms3d
6 .c4d

Sophos Data Control feature in the endpoint solution is incompatible with Secure Boot. Secure Boot is the foundation for Microsoft's Windows security stack since Windows 8. Data Control under Secure Boot blocks all USB file transfers.
Sophos Tech team advised to disable secureboot option. But this is not practical in large organizations with branches in different locations. Many companies require DLP solutions for compliance and will likely switch products if Sophos can't find a way to work with Secure Boot.

I would like to list the number of records on a Custom Content Control List. So if I have a custom Account number, I want to list the number of those accounts that can be sent at one time. Right now, all I can do is specify the custom account or match a certain phrase. The only categories that I can specify the number of matches is on the Sophos Default DLP Policies.

I created a USB DLP policy to allow, but track all USB transfers. Transfers are tracked locally on the end point, but the log data is not transferred to reporting in the sophos admin console. It would be incredibly useful to see the same information that is tracked in the local log in the admin console as well. Other DLP policy matches make it there, why can't these?

Sophos Data Control feature in the endpoint solution is incompatible with Secure Boot. Secure Boot is the foundation for Microsoft's Windows security stack since Windows 8. Data Control under Secure Boot blocks all USB file transfers. Many companies require DLP solutions for compliance and will likely switch products if Sophos can't find a way to work with Secure Boot.

I would like to see what Sophos saw that caused it to trigger a DLP alert. It would be nice to have detailed visibility on what was detected. A SS#? A PAN? A Date of Birth? That way we have concrete evidence of what was detected so we may approach the end user with solid data rather than a general name of the policy.

Currently Microsoft Edge is not included as a destination within the Data Control policy for the on-premise Enterprise Console.

Please create the ability to change RMS from using a self-signed certificate to being able to import a Trusted third party CA signed certificate.

Data Control - Add extension list for each File Type Group

We would like to request to display file extension for each file type group on Sophos Central.
This feature is available in Sophos SEC but when using cloud it is not showing.
Thanks.

Current endpoint data control policies do not detect cloud storage providers as a destination to monitor. More people are using cloud storage in favour of traditional storage mediums such as USB pens.

It's important that Sophos are able to monitor and block data transfers to these destinations. When combined with SGN it would make for a powerful story.

Ability to add websites to internet browser based list of applications in DLP.
To allow access to the site but restrict file transfers on the site

When customer to setting data control policy , only can setting removable device.
But mobile can't set in the policy.
So we want to add mtp/ptp device to control.

It would be nice if there was an optional value that could be set to allow the ability to save files opened over a network share or USB device back to the original device without requiring the need to save locally and move the saved file back to the network/USB resource when DLP is enabled. Currently, on Windows systems, it appears this can only be done when Windows Indexing is disabled.

Please add new video regarding Generating logs for MKV , Video and Audio Extensions

should be granular not only by category but file file extension, should have a check box for selection

Create DLP rules, policies, and exceptions based on files´ path information.

I have notice that pretty much all our downloads as well as uploads are captured as events by the DLP engine when setting policy for web browsers.

This can mean the controlled items list becomes huge and the central events log is way to big to get anything meaningful in terms of data leaving via web.

All the data loss tools I've used generally only capture outbound events, as this is the nature of Data Loss Prevention.