Hello,
this is a question to the Sophos Support members here in the forums.
Today I noticed, that a user "support", that is probably from Sophos, logged in with remote access to our firewall.This user changed the existing remote access settings and extended it for 2 weeks without having me notified.
The original RA-ID has been communicated by me to the case owner. This has been one week ago and RA would have expired tomorrow.
I would not really call this an unauthorized access and manipulation but in fact it is. How can it be, that I grant you 1 week access and without letting me know, you use it to extend this to 3 weeks? What if unauthorized usage happens in that time? Who is responsible then? Is this a regular procedure of Sophos as security company?
Lets just exclude here, that there has again almost been a month of inactivity on the case - or at least this looks to me like this.
See here: logon, change the remote acccess setting, and then gone, bye.
This thread was automatically locked due to age.
