Configure antivirus settings for Sophos Mobile Security

Prerequisite: You have activated an SMC Advanced license.
  1. On the menu sidebar, under CONFIGURE, click Profiles, policies and then click Android.
    The Profiles and policies page is displayed.
  2. Click Create and select Mobile Security policy.
    The Edit policy page is displayed.
  3. Enter a Name and a Version for the new profile.
  4. In the Description field, enter a description for the profile.
  5. Click Add configuration.
    The Available configurations page is displayed.
  6. Select Antivirus and click Next.
    The settings view of the configuration is displayed.
  7. Go to the Antivirus tab.
  8. Under General, you can specify the following:
    1. In the Cloud scan mode field, define when Sophos Mobile Security should scan for the latest malware information. Select one of the following options to define when the app should use a cloud lookup:
      • Always
      • Not while roaming
      • Wi-Fi only

      With this setting you can control the data traffic of the app. If you set Cloud scan mode to Wi-Fi only, the cloud lookup will only be performed when the device has a Wi-Fi connection. If you set Cloud scan mode to Not while roaming, a cloud lookup will never be performed while the device is roaming on a foreign network.

    2. In the Scheduled scan interval list, select how often scans are carried out.
  9. Under Targets, you can select the following:
    1. Select Scan system apps to include system apps in scans.
      System apps are not scanned by default as they are protected by the Android OS and cannot be removed by the user. But you can activate the scanning of system apps here.
    2. Select Scan SD Card, USB to scan all files on SD cards, USB and other external storage devices in addition to the default scanning of all installed apps.
  10. Under PUAs, you can do as follows:
    1. Select Detect PUAs to scan for Potentially Unwanted Applications.
      Potentially Unwanted Applications (PUAs) are apps that, while not malicious, are generally considered unsuitable for business networks. PUAs include adware, dialers, system monitors, remote administration tools, and hacking tools. However, certain apps that can fall into the PUA category might be considered useful by some users.

      If you select this option, Sophos Mobile Security will detect PUAs during scans and notify the device user accordingly.

    2. Select Enable user to allow PUAs to enable users to allow apps although they have been identified as PUAs. The user can mark them as ignored. In subsequent scans, these apps will not be shown as PUAs.
  11. Under Apps with low reputation, you can specify how to deal with these apps. Classification of apps is based on Sophos Live Protection data. Under Mode, you can do as follows:
    1. Select Allow to turn off scanning for low reputation apps.
    2. Select Warn to display a warning on the device when a low reputation app is detected. Users can then choose how to deal with the app. They can add it to a list of allowed apps so that no further warning is displayed if this app is detected.
    3. Select Block in order to prevent low reputation apps from being started. A warning will be displayed but the user cannot start the app.
  12. Under Live protection, you can do as follows:
    1. Make sure that Scan notification is selected to receive scan notifications.
    2. Select Monitor SD card to monitor the SD card for any changes. If new files are stored on the card, they are scanned.
  13. If your scan results include apps that should be allowed to start, you can add them to the list of allowed apps. Apps on this list will always be allowed to start. The apps will not be reported.
    To identify such an app, you can use the scan results of Sophos Mobile Security. See View Sophos Mobile Security scan results. Before you can allow these apps to start on the devices, you must add them to an App group, as described in App groups.
  14. To add allowed apps, select the App group containing the allowed apps.
  15. Click Apply.