Permissions required by the Sophos Mobile Control (SMC) Android client

  • Article ID: 116995
  • Rating:
  • 2 customers rated this article 2.0 out of 6
  • Updated: 11 Mar 2014

This article lists the permissions required by the Sophos Mobile Control (SMC) Android client, and describes their use.

First seen in

Sophos Mobile Control 1.0

Operating systems
Android

Permissions required

The Sophos Mobile Control client app requires the following permissions in order to run all server commands.

 

  • Your Account
    • Manage the account list
      Allows an application to perform operations like adding or removing accounts and deleting their password.
      SMC usage:
      Required to reset the password

  • Services that you pay for
    • Send SMS messages
      Allows application to send SMS messages.
      Malicious applications may cost you money by sending messages without your confirmation.
      SMC usage: Transmit the new phone number after a change of the SIM card.
    • Directly call phone numbers
      Allows the application to call phone numbers without your intervention.
      Malicious applications may cause unexpected calls on your phone bill.
      Note that this does not allow the application to call emergency numbers.
      SMC usage: The user can initiate a call to a listed administrator from the support page in the SMC client.

  • Your Location
    • Coarse (network-based) location
      Access coarse location sources, such as the cellular network database, to determine an approximate device location, where applicable.
      Malicious applications can use this to determine approximately where you are.
      SMC usage: Locate the phone.
    • Fine (GPS) location
      Access fine location sources such as the Global Positioning System on the device, where available.
      Malicious applications can use this to determine where you are, and may consume additional battery power.
      SMC usage: Locate the phone.

  • Your messages
    • Read SMS or MMS
      Allows application to read SMS messages stored on your device or SIM card.
      Malicious applications may read your confidential messages.
      SMC usage:
      1. Read initial configuration and (optional) further server notifications.
      2. Read all SMS for Backup.
    • Receive SMS
      Allows application to receive and process SMS messages.
      Malicious applications may monitor your messages or delete them without showing them to you.
      SMC usage: Read inital configuration and (optional) further server notifications
    • Edit SMS or MMS
      Allows application to write to SMS messages stored on your device or SIM card.
      Malicious applications may delete your message.
      SMC usage:
      1. Restore SMS backup
      2. Delete SMS Notifications

  • Network Communication
    • Full Internet access
      Allows applications to create network sockets.
      SMC usage: Contact the MDM server
    • View Network state
      Allows an application to view the state of all networks
      SMC usage: Device detail information for the device inventory of the MDM solutions
    • View Wi-Fi state
      Allows an application to view the information about the state of Wi-Fi.
      SMC usage: Device detail information for the device inventory of the MDM solutions.
    • Receive data from internet
      Allows the application to accept cloud-to-device messages sent by the application's service. Using this service will incur data usage.
      Malicious applications may cause excess data usage.
      SMC usage: Contact the MDM server and read the commands or settings

  • Your Personal Information
    • Read Browser's History and Bookmarks.
      Allows the application to read all the URLs that the Browser has visited, and all of the Browser's bookmarks.
      SMC usage: Read all bookmarks for backup
    • Write Browser's History and Bookmarks.
      Allows an application to modify the Browser's history or bookmarks stored on your device.
      Malicious applications can use this to erase or modify your Browser's data.
      SMC usage: Restore bookmarks from backup

  • Phone calls
    • Read phone state and identity
      Allows the application to access the phone features of the device. An application with this permission can determine the phone number and serial number of this phone, determine whether a call is active, the number that call is connected to, etc..
      SMC usage: Device detail information for the device inventory of the MDM solutions

  • Storage
    • Modify/delete USB storage contents/SD card contents
      Allows an application to write to the USB storage/the SD card.
      SMC usage: Restore files from backup.

  • System Tools
    • Write access point name settings
      Allows an application to modify the APN settings, such as Proxy and Port of any APN.
      SMC usage: Configuration of the APN setting. Note: This will no longer work with Android 4.0.
    • Modify Global System Settings
      Allows an application to modify the system's settings data. Malicious applications can corrupt your system's configuration.
      SMC usage: Configure the phone according to the MDM system settings
    • Prevent device from sleeping
      Allows an application to prevent the device from going to sleep.
      SMC usage: Processing of server commands while device is idle.


 
If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent

Comments