Sophos UTM: Decommissioning of obsolete URL categorization services CFFS. Click here for important info.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Intercept X scans on mobile with Work Profile

Question: If a phone is enrolled with Android Enterprise Work Profile configured, is the isolated partition hosting the work profile apps/files covered by Intercept X scans? Or does that profile need its own mobile security app to scan that portion of the phone?



This thread was automatically locked due to age.
Parents
  • Thank you for reaching the community forum. 

    Yes, it's covered. You only need one security app and a license to be installed on the device. Provided that Mobile Threat Dedefense policy is enabled and configured. To have visibility on what our Intercept X for mobile covered for scanning, refer to this documentation in section (14.17.2 ) Antivirus configuration (Mobile Threat Defense policy for Android)

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer | Global Community and Digital Customer Support
    Connect, Engage, Earn Rewards - Join the Sophos Community
  • Although I have future plans to get a license to centrally manage the security of the family's phones, I currently use your Intercept X as a standalone installation. I looked at the documentation you mentioned, and the settings shown for MTD policy are the same ones configurable on a standalone install (except for a few, which is probably only available if it's the managed one).

    So to confirm if I understand your response correctly, as long as the settings listed below are enabled, everything including the apps and/or files in the Work Profile container/partition will be scanned, yes?

    • Scan system apps
    • Scan storage
    • Detect PUAs
    • Monitor storage
Reply
  • Although I have future plans to get a license to centrally manage the security of the family's phones, I currently use your Intercept X as a standalone installation. I looked at the documentation you mentioned, and the settings shown for MTD policy are the same ones configurable on a standalone install (except for a few, which is probably only available if it's the managed one).

    So to confirm if I understand your response correctly, as long as the settings listed below are enabled, everything including the apps and/or files in the Work Profile container/partition will be scanned, yes?

    • Scan system apps
    • Scan storage
    • Detect PUAs
    • Monitor storage
Children