Prerequisite: You have activated an SMC
On the menu sidebar, under CONFIGURE, click
Profiles, policies and then click
The Profiles and policies page is
Click Create and select Mobile Security
The Edit policy page is displayed.
Enter a Name and a Version for
the new profile.
In the Description field, enter a description for the
Click Add configuration.
The Available configurations page is
Select Antivirus and click
The settings view of the configuration is displayed.
Go to the Antivirus tab.
Under General, you can specify the following:
In the Cloud scan mode field, define when Sophos
Mobile Security should scan for the latest malware information. Select
one of the following options to define when the app should use a cloud
- Not while roaming
- Wi-Fi only
With this setting you can control the data traffic of the app. If you
set Cloud scan mode to Wi-Fi
only, the cloud lookup will only be performed when
the device has a Wi-Fi connection. If you set Cloud scan
mode to Not while roaming, a
cloud lookup will never be performed while the device is roaming on
a foreign network.
In the Scheduled scan interval list, select how
often scans are carried out.
Under Targets, you can select the following:
Select Scan system apps to include system apps
System apps are not scanned by default as they are protected by the
Android OS and cannot be removed by the user. But you can activate the
scanning of system apps here.
Select Scan SD Card, USB to scan all files
on SD cards, USB and other external storage devices in addition to the
default scanning of all installed apps.
Under PUAs, you can do as follows:
Select Detect PUAs to scan for Potentially
Potentially Unwanted Applications (PUAs) are apps that, while not
malicious, are generally considered unsuitable for business networks.
PUAs include adware, dialers, system monitors, remote administration
tools, and hacking tools. However, certain apps that can fall into the
PUA category might be considered useful by some users.
If you select
this option, Sophos Mobile Security will detect PUAs during scans
and notify the device user accordingly.
Select Enable user to allow PUAs to enable users
to allow apps although they have been identified as PUAs. The user can
mark them as ignored. In subsequent scans, these apps will not be shown
Under Apps with low reputation, you can specify how to
deal with these apps. Classification of apps is based on Sophos Live Protection
data. Under Mode, you can do as follows:
Select Allow to turn off scanning for low
Select Warn to display a warning on the device
when a low reputation app is detected. Users can then choose how to deal
with the app. They can add it to a list of allowed apps so that no
further warning is displayed if this app is detected.
Select Block in order to prevent low reputation
apps from being started. A warning will be displayed but the user cannot
start the app.
Under Live protection, you can do as follows:
Make sure that Scan notification is selected to
receive scan notifications.
Select Monitor SD card to monitor the SD card
for any changes. If new files are stored on the card, they are
If your scan results include apps that should be allowed to start, you can add
them to the list of allowed apps. Apps on this list will always be allowed to
start. The apps will not be reported.
To add allowed apps, select the App group containing the