Sophos Endpoint Tracking / Privacy

With the whole work from home, recently our org has asked us to install Sophos Endpoint on our devices. I'm aware that any banned websites will trigger an alert to the admin, and not that worried about that. However, what kind of visibility does the company have to URLs visited, etc? As well, does it have the ability to track time in apps / pull files locally from the device? A bit concerned about privacy of off the clock browsing & personal files on the device. Thanks a lot!

Parents
  • You should not expect privacy with an endpoint on your machine. They can block URLs or programs, they can detect what programs you are running, they can detect what peripherals you plug in (printer, USB stick, etc), they can run queries against your machine. The exact details depend on whether they have XDR or just endpoints and what features they enable on the endpoints, and so on.

    Your work doesn't provide their own laptops for you to use? At larger companies, that's what happens since they want total control -- Admin, endpoint, etc -- over anything they're going to allow on their VPN. It semi-defeats the purpose of an endpoint to not control Administration on the computer. (Or vice-versa, if they don't do the right thing when you leave the company, you may not recover full control over your own computer.)

Reply
  • You should not expect privacy with an endpoint on your machine. They can block URLs or programs, they can detect what programs you are running, they can detect what peripherals you plug in (printer, USB stick, etc), they can run queries against your machine. The exact details depend on whether they have XDR or just endpoints and what features they enable on the endpoints, and so on.

    Your work doesn't provide their own laptops for you to use? At larger companies, that's what happens since they want total control -- Admin, endpoint, etc -- over anything they're going to allow on their VPN. It semi-defeats the purpose of an endpoint to not control Administration on the computer. (Or vice-versa, if they don't do the right thing when you leave the company, you may not recover full control over your own computer.)

Children
No Data