Tamper Protection

You can enable or disable tamper protection for all your servers and users' computers.

To do this, in Settings, open the Tamper Protection page.

When tamper protection is enabled, a local administrator cannot make any of the following changes on their computer unless they have the necessary password:

  • Change settings for on-access scanning, suspicious behavior detection (HIPS), web protection, or Sophos Live Protection.
  • Disable tamper protection.
  • Uninstall the Sophos agent software.

Manage tamper protection for a specific device

You can change the tamper protection settings for a specific device or server.

Open the device's details page and select the Tamper Protection tab. There you can do as follows:

  • View the password.
  • Generate a new password.
  • Temporarily disable tamper protection for that device.

Recover tamper protection passwords

You can recover the tamper protection passwords of devices that you’ve recently deleted.

You might need to do this so that you can uninstall Sophos software that is still on those devices.

For details, see Recover tamper protection passwords.