This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

is it possible to exclude some URL from Endpoint logging -> whistle-blowing

Hi,

due to some strange German law, there must be some wistle-blowing URL to be excluded from decrypting but also from logging.

is that possible with Sophos Endpoint / Central?

What about Datalake?

Though it's a nightmare in terms of security, authorities believe it's the best option for employees to use it's companies IT infrastructure to report towards a cloud based whistle-blowing system.



This thread was automatically locked due to age.
Parents
  • Hi LHerzog,

    Thanks for reaching out. 

    Can you provide me with any additional references to the websites in question or possibly some documentation on the government websites that go into detail regarding this so I may share it with our team? 

    Web Control will only log an event if the website is blocked. Once the website-blocked entry is created it’s not possible to delete the event from the events list. It’s also not possible to delete items from the Data Lake. 

    Some additional information on data retention:

    Data in the Sophos Data Lake will be stored for 30 days for Intercept X Endpoint and Server XDR customers.

    XDR customers who have also purchased Central Firewall Reporting will be able to access up to 1 year of data in the Sophos Data Lake within Firewall Reporting. XDR customers are limited to the last 30 days of data analysis. 

    Allow me some time to inquire with our team, and I will update you here. 

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • Hi  

    actually this is EU directive, transformed into German law.

    https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=CELEX%3A32019L1937

    https://www.gesetze-im-internet.de/hinschg/__8.html (German only)

    "The identity of the persons named in sentence 1 may only be known to the persons who are responsible for receiving reports or taking follow-up measures, as well as the persons supporting them in the fulfillment of these tasks." (Google translate)

    Several commercial businesses spreaded that offer "anonymous" report services. If a company decides to use their service, the IT needs to exclude those activities from logging etc.

  • could you get some information about this topic internally?

Reply Children