This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

I may have found a massive hole in Data Control which is slightly worring?

It would appear that if you create a Data Control Policy which prevent users from emailing file types to unauthorised email destinations like gmail, webmail, hotmail and attach any document from a network directory it allows the email to be sent (Shocking).

If you attach a file from your local machine it blocks the file fine, it would seem that the Sophos agent has difficulties understanding mapped drives which it pretty shocking for a security product.

Note:

I have sent this information to Sophos to review and I may have missed something so don't take this as gospel.  This maybe an isolated issue which is happening in my environment.

Server 2003 R2 x64 SEC 4.7.0.13

Client Win7 x86 9.5

:15489


This thread was automatically locked due to age.
Parents
  • Hi Christian,

    Just read your other posting (in the DLP forum) about "downloads" being exempted from scanning. Let me raise a defect with engineering for investigation. I agree that this location shouldn't be exempt from scanning. At the moment specific folders within the "users" folder are scanned and that should include any folder where the user would typically store or save files. Apologies for not first reading your other posting.

    Best regards,

    John

    :15895
Reply
  • Hi Christian,

    Just read your other posting (in the DLP forum) about "downloads" being exempted from scanning. Let me raise a defect with engineering for investigation. I agree that this location shouldn't be exempt from scanning. At the moment specific folders within the "users" folder are scanned and that should include any folder where the user would typically store or save files. Apologies for not first reading your other posting.

    Best regards,

    John

    :15895
Children
No Data