Do Sophos SafeGuard products have backdoors?
Known to apply to the following Sophos product(s) and version(s)
Sophos SafeGuard File Encryption for Mac
SafeGuard LAN Crypt Client for Terminal Server
SafeGuard LAN Crypt Client for PC
SafeGuard LAN Crypt Administration
SafeGuard Enterprise for Mac
All supported operating systems
What To Do
Sophos security products (SafeGuard Enterprise, SafeGuard Enterprise for Mac, Easy, PrivateDisk, PrivateCrypto and LANCrypt) do not offer any backdoors whatsoever, because this would allow access to encrypted data without knowledge of a proper password or certificate key.
SafeGuard products provide a number of mechanisms that allow the customers themselves to take precautions.
For example, customers can configure recovery passwords or certificates for administrators for all products except PrivateCrypto. These passwords or certificates can be used to allow users to reset their passwords or to grant access to encrypted data.
Attention: If these recovery functions have not been configured by the customer, there is no way for the customer himself nor Sophos to access/decrypt the data if the user password has been forgotten.