This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

I may have found a massive hole in Data Control which is slightly worring?

It would appear that if you create a Data Control Policy which prevent users from emailing file types to unauthorised email destinations like gmail, webmail, hotmail and attach any document from a network directory it allows the email to be sent (Shocking).

If you attach a file from your local machine it blocks the file fine, it would seem that the Sophos agent has difficulties understanding mapped drives which it pretty shocking for a security product.

Note:

I have sent this information to Sophos to review and I may have missed something so don't take this as gospel. This maybe an isolated issue which is happening in my environment.

Server 2003 R2 x64 SEC 4.7.0.13

Client Win7 x86 9.5

This thread was automatically locked due to age.

Parents

0 QC over 12 years ago

Hello nerohero,
thanks for posting the reply (although the formatting of the quoted text is somewhat confusing - but reading it twice I got it). Maybe it's the heat out(and in-)side but I'm inclined to say this is BAD (read: broken as designed). Apart from that - if this behaviour is documented it's not easy to find. Even Support doesn't seem to be aware of this, well, limitation (see DLP - browser upload on Win7 64bit not intercepted?).
Christian
:15889
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 QC over 12 years ago

Hello nerohero,
thanks for posting the reply (although the formatting of the quoted text is somewhat confusing - but reading it twice I got it). Maybe it's the heat out(and in-)side but I'm inclined to say this is BAD (read: broken as designed). Apart from that - if this behaviour is documented it's not easy to find. Even Support doesn't seem to be aware of this, well, limitation (see DLP - browser upload on Win7 64bit not intercepted?).
Christian
:15889
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data