This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Data Control, copy file in event to a central location

Lets say a user transfers a file that trips the Data Control 'Sensitive' document event, is there a way to copy said file to a central location, maybe somewhere on the Sophos server?

No amount of Googling is giving me an answer, so I don't think this is possible, thought I'd ask here before giving up.

Jeffrey.



This thread was automatically locked due to age.
Parents
  • Hello Jeffrey,

    Data Control blocks (or alerts on) file transfers, this is all it does. 
    Just curious - is this for documentation purposes or to check whether Data Control is correct?

    Christian

  • Thanks QC, it's what I thought.

    It's for eg. someone copies a file from their desktop to a USB stick called names.xlsx, there is no way to know what was in this file, we could connect into their machine with \\comp\c$\user\bob\Desktop and if it's been deleted instantly, hopefully volume shadow copies are turned on, but would prefer to store in a central location.

    Jeffrey.

Reply
  • Thanks QC, it's what I thought.

    It's for eg. someone copies a file from their desktop to a USB stick called names.xlsx, there is no way to know what was in this file, we could connect into their machine with \\comp\c$\user\bob\Desktop and if it's been deleted instantly, hopefully volume shadow copies are turned on, but would prefer to store in a central location.

    Jeffrey.

Children
  • Hello Jeffrey,

    [disclaimer: my personal opinion only, and I'm not Sophos] Sophos' primary goals are protection against threats from the outside and prevention of inadvertent or at most negligent data leakage. As far as the byproducts concerning improper use of resources, workplace productivity and the like (e.g. Web Control), or misuse of rights go their philosophy is to raise awareness (users' with whatever rights and site administrators' alike). They don't subscribe to (stealth) surveillance and hemming in, you can't suppress the desktop messages in Web Control for example. It's a balancing act though, and sometimes it'd help to fish out a rotten apple. Nevertheless Sophos doesn't provide tools which would mainly aid those who put their users under general suspicion (BTW: technically a scheduled scan could also search for sensitive data like it can for PUAs and Controlled Applications).
        

    Christian