Sophos UTM: Decommissioning of obsolete URL categorization services CFFS.Click here for important info.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Turning off Sophos services on a laptop for private use

I have joined a company as a contractor and I am using my own laptop (Macbook) for work. I had to install Sophos, and this is the list of services/products I am seeing in the activity monitor:

  • SophosUserAgent
  • Sophos Encryption Agent
  • Sophos Endpoint

I am open for using this software when I am working, but out of working hours I want to use this laptop as a private laptop, which it is. I want to understand two things since this is my first encounter with this security product:

  1. Before trying it, can I force quit those services and open them when working? Does my client get notified about it? Can it even be done without Tamper protection password?
  2. How to asses the breadth of data it collects? I am not feeling at ease using this laptop for regular private use knowing that everything is being collected and transferred back to client's IT department. I am okay with using it when working, but I don't want the 3k euro laptop to just be used 40 hours per week.

I have thought that, if I create a separate user on the laptop and install it there, other user will be "sandboxed" from it, which isn't the case. Can that somehow be achieved with Sophos?

Thank you for your help!

This thread was automatically locked due to age.
  • Hello Marko,

    Thank you for reaching the community Forum.

    For your queries, Below are the answers.

    1. For any device which has our endpoint on it. It became managed to the central Platform, which only your IT administrator can access. It is not possible to make further changes like turning off any components, as all actions on the software components require you to use a Tamper protection password. Also, changing the status of the components will send a report to Sophos Central, and your administrator will be notified.

    2. Since your device has been totally managed via Sophos Central, the logs generated in your device, like drive scanning and web usage, will be sent to the Central dashboard unless you uninstall the endpoint.

    Hope this answers your questions above and feel free to reach us if you have more questions/clarifications regarding our product. 

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer | Global Community and Digital Customer Support
    Connect, Engage, Earn Rewards - Join the Sophos Community
  • Hello Glenn,

    Thank you for your answer. One last question before I accept your answer - can Sophos be sandboxed to one user account in any way without using a virtual machine?

  • The scanning Sophos performs will scan the system as a whole. It's not possible to restrict this down to a single user profile. 

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids