FAQ
Why do I have to remove the old Sophos virus protection from my private device?
From July 20, 2023, the old virus protection will no longer receive any updates. A short time later, the virus protection will stop working. We do not know when this point in time will be. The installed, outdated virus protection represents a risk, also because it can cause your operating system's native virus protection (Defender in Windows) to remain inactive.
Why can't I use Sophos Home on a university-owned device?
When you register with Sophos Home, you enter into a contract with Sophos. This contract contains licensing and data protection aspects that are not permitted on a university-owned device.
Why do I have to contact my IT manager to get the installation files?
Decentralized IT managers have their own management environment for the devices they are responsible for. Using customized installation files ensure that your devices are assigned to the correct management environment.
How do I remove Sophos Intercept X from my selfmanaged device? There was a problem setting up Sophos.
Sophos activates the tamper protection during setup. To remove Sophos Intecept X, you first have to contact your local IT-department to turn off the tamper protection for the device in the Sophos management portal. Afterwards, you can uninstall Sophos from the device. Please note, that only computers with active virus protection are allowed in the UHH network.
Why am I not allowed to install Sophos Intercept X on my personal device? I use it for business purposes.
For licensing and data protection reasons, the Sophos Intercept X agent may only be installed on business devices.
Will I be monitored by using Soho's Intercept X?
Sophos Intercept X is not used to monitor employee behavior or performance. Statistical analysis of content-related activities is not possible. Timestamps for technical deployment or risk analysis in the case of malware are only used for technical administration. This data is not passed on to third parties.
In the Sophos administration interface, logins to the computer, timestamps of the last activity, and the status of the Sophos Agent are recorded. In total, the following data is recorded:
- Usernames
- IP Addresses
- MAC Addresses
- Processes
- Applications
- Browser Add-ons
- File Hashes
- File Paths
- Hostnames
- Ports
- System Events and Log
- Email addresses (Administrators only)
- Customer ID
- Machine ID.
Only those IT managers who manage client computers have access to the data in Sophos. For faculties directly managed by the RRZ, these are the employees of the Client Management group. For other faculties, decentralized IT managers have access to that data. A list/assignment can be seen here: https://www.rrz.uni-hamburg.de/services/computerarbeitsplaetze/betreuungsbereiche-endgeraete/it-service-teams.html.
Why does the RRZ not recommend any virus protection product for private use?
Using and protecting your personal end devices is your responsibility. For reasons of liability, the university is not allowed to make any recommendations here.
Do I have to install and actively run Sophos Intercept X on my work device?
The net policy https://www.rrz.uni-hamburg.de/beratung-und-kontakt/policies/netpolicy.html and its terms of implementation apply. Paragraph 2: End device security 1 b. Virus Protection of the terms of implementation state: An updated virus scanner with automatic updating must always be used. The RRZ currently offers a university-wide campus license for the Sophos virus scanner.
When using alternative virus scanners to Sophos, it must be ensured that data protection is observed. If necessary, data processing contracts are to be concluded. The recommendation is to use the standard Sophos Intercept X. The next time the terms of implementation are changed, there will be adjustments to virus and threat protection provisions.
Do I have to install a virus scanner on my private end device and let it run actively if I bring it into the UHH network?
The net policy https://www.rrz.uni-hamburg.de/beratung-und-kontakt/policies/netpolicy.html and its terms of implementation apply. Paragraph 2: End device security 1 b. Virus Protection of the terms of implementation state: An updated virus scanner with automatic updating must always be used.