Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 1 subscriber
  • Views 4192 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Automatic Scan of Removable Media?

CityOfPasco

Ok, so here's what I'm looking to accomplish along with a short backstory of why:

Currently, my employer is being audited by our insurance company based entirely on our cyber security readiness.  There have been multiple areas that were identified as 'Manditory complant' in which we are lacking, the biggest issue of them being automatic scanning of removable devices once inserted.  This is something that sounded trivial to me at first due to the Sophos on-access scanning capabilities, however per the definitions of the insurance company, that isn't quite good enough to be up to snuff.  

I need a way to make Sophos scan removable media once it is inserted into a PC.  I have been through the forums and found one other posting that was somewhat similar from a few years back with no resolution to speak of.  Does Sophos have any answer to this issue?  

(Original thread here: /search?q= 691)

I'd appreciate any community or moderator feedback/assistance.  Thank you all kindly. 

:40489


This thread was automatically locked due to age.
  • 0

    I saw the old thread and now this. I seem to remember having this capability on other AV products. I had an option that said something like "scan USB drives when loaded".   Anyway, I think it's a necessity that removable media get scanned immediately. 

    I also wish they had a better standalone scanner.  I've got PC's with no internet connections and would love to have a simple plug in the USB drive and execute the scan.     

    :40505
  • 0

    Gentlemen (no male chauvinism intended),

    there haven't been any changes in this area AFAIK. JoeDoes post in the mentioned thread is IMO a good summary. Auditors can be pretty dogmatic at times (I could tell you a thing or two about it) and it's all but impossible to argue with them.

    Nevertheless, that the feature hasn't been added suggests (I'm not Sophos) that Labs deem the cons to outweigh the pros. IMO you could either block access to the device until the scan has finished (which would be a drag with today's media sizes and thus likely unacceptable) or kick off a "background" scan (with all the intricacies in conjunction with device removal) - but then you'd have to rely on on-access scanning for protection anyway.

    @RayZ: a better standalone scanner - what exactly are you thinking of? Copying a "live" \Sophos Anti-Virus directory to CD/DVD/USB you can run SAV32CLI.exe from there. How would you want this process to be improved?

    Christian

    :40507