- Sophos Data Protection Is Off
- Sophos Tamper Protection
- Sophos Data Protection
- Sophos Data Protection Agent
Sophos offers comprehensive next-gen data protection solutions that are always-on, easy-to-deploy and simple-to-manage. Secure Data Beyond Network Boundaries Your users want to work from anywhere, on any device. Allow them to collaborate securely across devices and platforms with always-on SafeGuard encryption. Intercept X’s endpoint security integrates with Sophos Central so you can access and manage your endpoint security wherever you are, any time. No need to spend more on infrastructure and maintain on-premises servers. Switch to an endpoint security cloud solution for smarter, faster protection. Synchronize Your Firewall and Endpoint Security. Data Loss Prevention (DLP) controls accidental data loss. DLP enables you to monitor and restrict the transfer of files containing sensitive data. For example, you can prevent a user sending a file containing sensitive data home using web-based email. You do this by creating rules. Sophos AMSI Protection can be disabled through a Threat Protection Policy: Endpoint Protection Policies Threat Protection AMSI Protection (with enhanced scan for script-based threats): 'This protects against malicious code (for example, PowerShell scripts) using the Microsoft Antimalware Scan Interface (AMSI).
Sophos Data Protection Is Off
Data Loss Prevention (DLP) controls accidental data loss. DLP enables you to monitor and restrict the transfer of files containing sensitive data.
For example, you can prevent a user sending a file containing sensitive data home using web-based email.
You do this by creating rules. You then add the rules to policies, as described below. You can then apply these policies to users, computers and Windows servers.
Data Loss Prevention (DLP) policies include one or more rules that specify conditions and actions to be taken when the rule is matched. When a DLP policy contains several rules, a file that matches any of the rules in the DLP policy violates the policy. A rule can be included in multiple policies. You can add text to the messages shown on protected endpoints or Windows servers when the rules are triggered. There are two types of message:
- A confirmation notification that asks the user to confirm the file transfer.
- A block notification that informs the user that they cannot transfer the file.
You can create custom policies or policies from templates. The templates cover standard data protection for different regions. You can apply these policies to users, computers or Windows servers.
Sophos Tamper Protection
Go to Endpoint Protection > Policies to apply DLP.
To set up a policy, do as follows:
Sophos Data Protection
- Create a Data Loss Prevention policy.
- Open the policy's Settings tab and configure it as described below. Make sure Use rules for data transfers is turned on.
Sophos Data Protection Agent
- Choose whether you want to create a policy from a template or a custom policy.
- To use a template, select a region and a template and click Create from Template. This adds a pre-defined rule to the policy.
To add more rules, click Add.
- To create a custom policy, click Create Custom Policy and click Add. Choose whether you want to an use existing rule or create a new rule. Select the rules you want to add and click Add.
- To use a template, select a region and a template and click Create from Template. This adds a pre-defined rule to the policy.
- Turn on the options in the Messages For End Users area and click the option names to add your own message to the standard confirmation and block notifications. Each message can have a maximum of 100 characters. Note You can turn off either or both of these messages. The standard notification is shown on the endpoint or server. If you leave the message box blank the standard notification is shown.
- Enter the message text.
- Click Finish.