32 votes2 comments · Data Protection » SafeGuard Enterprise Full Disk Encryption · Flag idea as inappropriate… · Admin →
Sophos wouldn't even need to create this since in the non-SGN environment it already exists. It's called BitLocker Network Unlock and it's been around since Windows 8/Server 2012 so it's kind of crazy that Sophos hasn't added support for it to SGN Server.
Sophos please add BitLocker Network Unlock support.
EDIT: There is a General policy to set default Outlook add-in to No Encryption, but it relies on a Whitelist that does not accept wildcards or partial domain names so No Encryption domains must be individually specified.
Enhancement could be as simple as allowing Whitelist to accept wildcards.
For example, my email text and email attachment encryption is performed on all outgoing email by ZixGateway. SGN Synchronized adds an extra opportunity for mistakes for my end-users and extra opportunity for our recipients.James Brammer shared this idea ·
37 votes6 comments · Data Protection » SafeGuard Enterprise File Encryption · Flag idea as inappropriate… · Admin →
Also allow us to import existing keys from YubiKeys if they are of an appropriate type to be accepted by SGN, and allow POA authentication with YubiKey+PIN.
48 votes4 comments · Data Protection » SafeGuard Enterprise File Encryption · Flag idea as inappropriate… · Admin →
This is currently planned for the release after SGN 8.1.
Yes this. Give it to us as both Computer and User policies. Synchronized Encryption policies are currently applied as closest to the workstation, but allow User to override Computer on Allow Decryption/Password Encryption, and we could essentially whitelist a few trusted users to decrypt while denying everyone else.
Assuming that the user is able to install OpenOffice and/or is sufficiently knowledgeable or determined to, or that their INTENT is to leak data. Perhaps they decrypt for a quick convenience of some kind and forget to re-encrypt.