Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 17 replies
  • Subscribers 1 subscriber
  • Views 68747 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

I may have found a massive hole in Data Control which is slightly worring?

nerohero

It would appear that if you create a Data Control Policy which prevent users from emailing file types to unauthorised email destinations like gmail, webmail, hotmail and attach any document from a network directory it allows the email to be sent (Shocking).

If you attach a file from your local machine it blocks the file fine, it would seem that the Sophos agent has difficulties understanding mapped drives which it pretty shocking for a security product.

Note:

I have sent this information to Sophos to review and I may have missed something so don't take this as gospel.  This maybe an isolated issue which is happening in my environment.

Server 2003 R2 x64 SEC 4.7.0.13

Client Win7 x86 9.5

:15489


This thread was automatically locked due to age.
Parents
  • 0

    Hey Jak,

    This is the official update from Sophos.

    Hello Jason,

    We have just had a reply back from our 3rd line engineers
    who have been looking into this issue for you.

    They said;

    "Data
    Control has certain inbuilt exclusions:-

    The process exclusions in the
    Factory.xml file
    Windows directory
    Program file directory
    Users area,
    (not including) My Documents, CD Burn Area and Desktop
    Any instance of
    desktop.ini and autoexec.bat, regardless of where they are on disk

    This
    is to prevent problems with applications generating alerts when accessing
    data."

    So in English that means it was designed to work that way due to
    how Windows 7 works, however they also acknowledged that this needs looking into
    further and are going to escalate it to see if in a future update this issue
    could be resolved.

    Sorry I can't be more help.

    :15857
Reply
  • 0

    Hey Jak,

    This is the official update from Sophos.

    Hello Jason,

    We have just had a reply back from our 3rd line engineers
    who have been looking into this issue for you.

    They said;

    "Data
    Control has certain inbuilt exclusions:-

    The process exclusions in the
    Factory.xml file
    Windows directory
    Program file directory
    Users area,
    (not including) My Documents, CD Burn Area and Desktop
    Any instance of
    desktop.ini and autoexec.bat, regardless of where they are on disk

    This
    is to prevent problems with applications generating alerts when accessing
    data."

    So in English that means it was designed to work that way due to
    how Windows 7 works, however they also acknowledged that this needs looking into
    further and are going to escalate it to see if in a future update this issue
    could be resolved.

    Sorry I can't be more help.

    :15857
Children
No Data
Unfiltered HTML