This discussion has been locked.

not fully tamper protected

Evaluating the latest endpoint protection deployed from the console (ver 5.2.1 R2). I have enabled tamper protection but some parts of the user AV are still not greyed out.

How can we prevent users from changing AV settings? Even prevent uninstalling by them?

  • Hello rino19ny,

    your product

    to avoid misconceptions, I'm not Sophos :) and I'm not trying to talk you into choosing one vendor over another.

    certain features that are not greyed

    It's mainly a question of general principles, design decisions and the resulting (economically justifiable) implementation. In the extreme a vendor could offer granular central control over the settings available for a user (and, while we're at it, user-based policies/settings) and/or the option to completely suppress the UI. Sophos' motto is Security made simple, thus you can't expect this kind of complexity.

    The actual design is naturally a tradeoff. TP has only been added later, apparently by enough request. For now, Sophos still refrains from gearing into the OS beyond the inevitable - while it would make (unauthorized) fiddling with the settings harder but not impossible it gives rise to other issues.

    Specifically to the available settings: One group is for On-demand and Right-click scans. These scans are requested solely by the user - thus it's quite coherent that the settings are available to the user. Less obvious is Authorization - it is admittedly not innocuous. OTOH, not giving the user (who is administrator) the ability to authorize certain files/activity might preclude the very actions which, in order to execute them, the user has got the administrative rights for.

    To add my two cents (also to IAMU's post): Personally I don't like the IT vs. users scenario. Technical "solutions" are at best the second-best. Instead users should be educated that bypassing the AV on their computer is like disabling the airbag in their car.  Furthermore it should be made evident that extended rights (if they are actually necessary) come along with responsibilities. 

    Christian
