User based policies for Sophos Endpoint Security & Data Protection

Question

Hi all,

Today I lost a POC for Sophos Endpoint Security against a main competitor because of Sophos is not having user based policies.

My customer required our policies to be user based. Specially, the device control policies. For example, when a VIP user or IT administrators login from any location, they should be able to access their USB storage devices but for normal user accounts, USB devices should be blocked. Currently, even though Sophos is having good Active directory integration options, we can only define policies for computer objects. Device white-listing is there but it's not practical in large scale deployments or when a user requires unrestricted device access from multiple locations. I wonder whether there are any more Sophos partners who think that it’’’’s high time for Sophos to think about introducing user/group based policies for Endpoint Security & control.

Best regards,
Pubudu.

This thread was automatically locked due to age.

Johnstringer · Accepted Answer

Hi,

Sorry to hear about you loosing the POC. We are planning to add user based policies in a future release - with a focus on device control, application control, data control (DLP) (and perhaps some other things we have in the pipeline!). the current thinking is to maintain the ability to have a default machine based policy but layer user based policies on top i.e. a user based policy would take priority over a machine based policy. I'd welcome any feedback on this approach.

Not much help for the POC but we do have user based reporting in SEC 4 for app c, dev c, firewall and data c. This at least makes it straightforward to report on who attempted something against IT policy. Tamper protection in ESC 9.5 will also support user based reporting so wrists can be slapped if users start to try and guess the tamper protection password.

Best regards, 
 John :1292