Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 2 subscribers
  • Views 10374 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Auto comply with policies

Spectrum

Hi,

I been using the Sophos Data Protection Suite for approximately 5 years, and presently on console 5.2.1 and endpoint 10.3

I've requested as a development enhancement through tech support several times which seems to go into a black hole.

Basically we apply tamper protection to prevent staff from disabling/altering any of the products settings.  However IT staff do need to turn off the firewall, etc to do various tests.  The problem is that they forget to turn the protection back on, and comply with the policies.

What I want on the endpoint is a pop up box when removing tamper protection, and subsequently disabling features (in otherwords, not compling with the policies).  The pop up should ask the user how long before it re-complies with policies, such as a dropdown offering 1 hour, 4 hours, upon next reboot).  A bit look the snooze option for windows updates.

This has been around in other vendor products for years, and I'm gobsacked Sophos are missing this trick!  It also leaves open a big security risk.

Does anyone know if this is on the roadmap? Or can you point me to a Sophos employee who can escalate my request, rather than putting it in the bin.  First line support seem to read off a script and not action my requests.

I look forward to anyone's response.

Thanks,

Jon

:51528


This thread was automatically locked due to age.
Parents
  • 0

    Hi Jak & Christian,

    Sorry for the late reply, and thanks for taking the time to reply.

    Jak...  It seems strange that Sophos would add it (well sort of) to the Cloud product and not to SEC!  Are they not bothering to develop the on premise solution any longer?  Also your work around isn't ideal, but I may have no option if I don't get any further with Sophos themselves.

    Christian...  I don't think it is overally complex.  It could be implemented into SEC under each poilcy with tick boxes against each timeframe, say 1 hour, 2hours, 4 hours, next reboot.  We could then choose which ones to present to the client.  It would only be presented to the client, if tamper protection was disabled.  How the communication would work between SEC and Client could be via RMS, or have another service that is purly for this function.  Once the timeframe is up, the client issues a request to SEC to comply with all policies, and SEC forces that compliance.

    Also I wouldn't want it to wait forever (not sure I said that), but until next reboot is a viable option, as some complex troubleshooting could take all day.

    Furthermore, I don't really know what SOP means, but I do think it's a security risk.  All AnitVirus suites that we have at home offer a timeframe that you may want to disable it for.  Why?  Because it's human nature to forget to turn it back on, and the vendors don't want to put your at any unnecessary risk.  I don't see there should be any difference here, especially where data within a corporate environment is far more important than that at home.

    Finally, It's ridiculous that Sophos don't offer an obvious way to put suggestions for developing their product into a more robust solution.

    Anyway thanks again for your replies, though it looks as though I had hit another deadend.  I will try with my Account Manager AGAIN!!!  Or drive up to Sophos HQ and staple my suggestion to the CEO's forehead.

    :51764
Reply
  • 0

    Hi Jak & Christian,

    Sorry for the late reply, and thanks for taking the time to reply.

    Jak...  It seems strange that Sophos would add it (well sort of) to the Cloud product and not to SEC!  Are they not bothering to develop the on premise solution any longer?  Also your work around isn't ideal, but I may have no option if I don't get any further with Sophos themselves.

    Christian...  I don't think it is overally complex.  It could be implemented into SEC under each poilcy with tick boxes against each timeframe, say 1 hour, 2hours, 4 hours, next reboot.  We could then choose which ones to present to the client.  It would only be presented to the client, if tamper protection was disabled.  How the communication would work between SEC and Client could be via RMS, or have another service that is purly for this function.  Once the timeframe is up, the client issues a request to SEC to comply with all policies, and SEC forces that compliance.

    Also I wouldn't want it to wait forever (not sure I said that), but until next reboot is a viable option, as some complex troubleshooting could take all day.

    Furthermore, I don't really know what SOP means, but I do think it's a security risk.  All AnitVirus suites that we have at home offer a timeframe that you may want to disable it for.  Why?  Because it's human nature to forget to turn it back on, and the vendors don't want to put your at any unnecessary risk.  I don't see there should be any difference here, especially where data within a corporate environment is far more important than that at home.

    Finally, It's ridiculous that Sophos don't offer an obvious way to put suggestions for developing their product into a more robust solution.

    Anyway thanks again for your replies, though it looks as though I had hit another deadend.  I will try with my Account Manager AGAIN!!!  Or drive up to Sophos HQ and staple my suggestion to the CEO's forehead.

    :51764
Children
No Data
Unfiltered HTML