This article provides information about the configuration possibilities for Sophos Mobile Encryption 2.5 which are introduced with Sophos Mobile Control 4.0
Applies to the following Sophos product(s) and version(s)
Sophos Mobile Encryption for iOS 2.5
Sophos Mobile Control as a Service 4.0
Sophos Mobile Control 4.0
Particular operating systems related to this article - if any. Delete this section rather than putting 'Windows All' etc.
Available managed settings for Sophos Mobile Encryption 2.5
As of Sophos Mobile Control (SMC) 4.0 it is possible to manage the Sophos Mobile Encryption (SME) app on iOS devices.
Prerequisite: SME has to be deployed via the SMC server so it becomes a "Managed application". The device must be running iOS 7 or higher.
If the app was installed before by the user, it has to be removed and redeployed.
To manage the application, a new profile was introduced in SMC 4.0 which provides you the below configuration possibilities.
Configure Cloud Storage Providers and configurations regarding file sharing possibilities
In the first section of the profile configuration, you can specify
- which cloud storage providers should be shown in the app ("Enable" column)
- whether a user can mark files as "Favorite" for a cloud storage provider to read them even without an Internet connection ("Offline" column)
- if a user should be able to share an encrypted file with other apps / accounts configured on the device using the "Open In" feature ("Share encrypted files" column)
- if a user should be able to share a plain file with other apps / accounts configured on the device using the "Open In" feature ("Share plain files" column)
- if a user should be able to copy file content to the clipboard ("Clipboard" column)
App password configuration
Enable app password - Activating this setting requires the user to enter a password every time the Sophos Mobile Encryption app should be opened. The password has to be specified by the user when opening the app the first time.
Password complexity - defines how complex the password for the app password has to be which the user has to enter every time the app is started.
Grace period in minutes - the time until the app will ask for the password again if the app was closed or alternatively the device was locked in the meantime.
Offline access rules
Last server connect - Defines the time how long the app can be started without connecting to the SMC server. If the time is exceeded, the app will be locked automatically. The user can try to unlock the app if the connection once the connection to the SMC server should be possible again.
Offline starts without server connection - Specify how often the app can be started if the app is not able to connect to the SMC server
Keyring and keys
Enable keyring - This setting enables the keyring feature of Sophos Mobile Encryption. After entering the passphrase of an encryption key once, it will be stored in the keyring. Files encrypted with a known key will be decrypted seamlessly without entering the passphrase again.
Passphrase complexity - if a new key is created manually on the device you can specify how complex the passphrase for it has to be
Corporate documents / Egnyte / WebDav
Within these sections you can specify an account of a file server within your network or an Egnyte account
Server - the IP or URL the server can be accessed by
User name - a user name used to connect. The variables %_USERNAME_% or %_EMAILADDRESS_% can be used as well
Password - the respective password for the user. You can leave that empty so the user can enter it
Upload folder - the default upload folder which should be used for this account