Sophos’ endpoint and server protection solutions are packed with technologies that protect your customers’ organization against advanced threats. To optimize their defenses, it’s important that they are correctly configured and deployed.
The Sophos Account Health Check enables you and your customers to quickly identify and address configuration issues with Sophos protected devices, maximizing your defenses. Available to all customers managing their Sophos endpoint and server security through the Sophos Central platform, it performs a number of key checks:
- Software assignment – do devices have all the right software assigned to them?
- Threat policy – are policies using recommended settings?
- Exclusions – are any exclusions creating significant exposure?
- Tamper protection – has tamper protection been disabled?
While recommended settings are automatically applied with all new Sophos deployments, over time issues can develop as devices are added and removed, team members change, and different software subscriptions are purchased.
We recommend customers (or you) review the health check at least every three months to maintain a healthy environment.
Getting started with the Account Health Check
Find the Account Health Check in the main menu in Sophos Central:
Clicking through takes you to the Account Health Check dashboard where you can see the status of all the checks in one place.
Example Check: Tamper Protection
Tamper protection prevents adversaries from turning off your customers’ defenses so they can deploy their payloads. The tamper protection check identifies any machines with this feature disabled and provides guidance on how to fix it.
Click the link to jump directly to device management list, then select the impacted devices and turn tamper protection back on.
If tamper protection has been turned off at a global level, you will be prompted to enable it in the Global Settings before fixing individual machines.