Sophos software being removed automatically

We are using Sophos Central and use basic Endpoint Protection, InterceptX Advanced and Encryption - Windows 10 Education 21H2 clients.

Desktops get Endpoint protection + InterceptX

Laptops get Endpoint protection, InterceptX and Encryption.

I now have hundreds of clients that only have the 'Core Agent' installed. Machines that I iinstalled either InterceptX or Encryption on have had those products removed, sometimes after just one reboot. The clients are not logging this behaviour.  I can confirm that all products are correctly assigned in Sophos Central and that no policies have been edited for at least 12 months.

Is anybody else seeing anything like this? Regarding the encryption - Sophos Central is stating that Encryption is not installed (as is the client) yet the Windows Bitlocker component is still on the laptop and accepting the user's startup PIN.

I'm at a loss as to what is going on.



Edit Tags
[edited by: GlennSen at 8:06 AM (GMT -8) on 12 Mar 2023]