For every Sophos customer, please vote to have the Data Loss Prevention feature for Mac OS. We are a majority mac-house. I am sure there are tons of companies that have Macs in their ecosystem -

Thank you Sophos for valuing your customer's suggestions.

It is 2020 and macOS is a common workplace device. We require the ability to prevent file transfers containing PHI and other protective information, as well as create custom rules. This needs to be revisited

Can the destination URL that the user is uploading files to please be included on the DLP logging. This would help us in getting better information for users uploading files to websites.

Currently we have to use a 3rd party tool to check the URLs.

Block incoming and outgoing file transfer using anydesk application during remote session.

OCR (optical character recognition) Sensitive Image Recognition provides the capability to extract text from images (scanned documents, screenshots, pictures, and so on) and from PDFs, enabling you to use new or preexisting text-based detection rules on this content.

We need DLP reports in GMT +5.30 zone instead of UTC , due to this we are getting challenges while auditing.

We would like to create a dlp rule using a new extension to block or allow, but in this moment we can select only from a Sophos List. It's not possible to add or import new extension.

Add a way to tell if an 'Internet Destination File Copy' was an upload or a download. Currently you can not tell if a user uploaded a file or downloaded or file. You can see where files go to a users 'Download' folder on Windows but this is not a reliable enough way to determine this.

add the ability to add approved websites to a DLP policy. To allow uploading files to a site for know purposes i. e. uploading receipt to financial expense systems...

should be available feature to exclude using domain name in DLP polic

Sophos Data Control feature in the endpoint solution is incompatible with Secure Boot. Secure Boot is the foundation for Microsoft's Windows security stack since Windows 8. Data Control under Secure Boot blocks all USB file transfers.
Sophos Tech team advised to disable secureboot option. But this is not practical in large organizations with branches in different locations. Many companies require DLP solutions for compliance and will likely switch products if Sophos can't find a way to work with Secure Boot.

Please add also cyrillic symbols into DLP engine in EPP.
It's a very important feature for CIS countries' customers.

In DLP Alerts for files that interact with web browsers, is it possible to show the web address that the file interacted with?

For example: a user uploads a file which trips the alert into Google Drive.
The alert would show User, File Path, File Name, Application: Google Chrome, Web Address: drive.google.com

I created a USB DLP policy to allow, but track all USB transfers. Transfers are tracked locally on the end point, but the log data is not transferred to reporting in the sophos admin console. It would be incredibly useful to see the same information that is tracked in the local log in the admin console as well. Other DLP policy matches make it there, why can't these?

I would like to list the number of records on a Custom Content Control List. So if I have a custom Account number, I want to list the number of those accounts that can be sent at one time. Right now, all I can do is specify the custom account or match a certain phrase. The only categories that I can specify the number of matches is on the Sophos Default DLP Policies.

Sophos Data Control feature in the endpoint solution is incompatible with Secure Boot. Secure Boot is the foundation for Microsoft's Windows security stack since Windows 8. Data Control under Secure Boot blocks all USB file transfers. Many companies require DLP solutions for compliance and will likely switch products if Sophos can't find a way to work with Secure Boot.

I would like to see what Sophos saw that caused it to trigger a DLP alert. It would be nice to have detailed visibility on what was detected. A SS#? A PAN? A Date of Birth? That way we have concrete evidence of what was detected so we may approach the end user with solid data rather than a general name of the policy.

It would be nice if there was an optional value that could be set to allow the ability to save files opened over a network share or USB device back to the original device without requiring the need to save locally and move the saved file back to the network/USB resource when DLP is enabled. Currently, on Windows systems, it appears this can only be done when Windows Indexing is disabled.

Please create the ability to change RMS from using a self-signed certificate to being able to import a Trusted third party CA signed certificate.

I have notice that pretty much all our downloads as well as uploads are captured as events by the DLP engine when setting policy for web browsers.

This can mean the controlled items list becomes huge and the central events log is way to big to get anything meaningful in terms of data leaving via web.

All the data loss tools I've used generally only capture outbound events, as this is the nature of Data Loss Prevention.