This article provides high level information on the data stored in Sophos Cloud.
Applies to the following Sophos product(s) and version(s)
Sophos Cloud data storage
- Sophos Cloud administrator login information - emails and passwords.
- User data, both manually and/or automatically entered via Active Directory Synchronization - username, login, Exchange login, AD group information.
- Policy information - settings (dependent of policy components), for example exemptions.
- Device information - device name, last user, operating system information, status.
- Events - type, e.g. web, device, malware, device information (file and path names, network locations, logins, etc.).
- Web events for 'blocked' and 'warned' pages are retained for reporting purposes. Not all browsing history is stored.
- All stored data is encrypted and all applications are secured and running on secured operating systems. The system is load balanced and has fail-over between 3 sites, each running 2 instances of the software, any one of which is able to provide full service.
- Communication from the client to the Cloud is performed over HTTPS to secure the data and to enable the client to trust the server.
- Sophos Live Protection, which is enabled by default at the client is not configured to automatically send samples to Sophos. It is solely used to supplement the local detection data by performing additional look-ups to the SophosLabs database, passing data such as file check-sums.