Skip to content

App Protection

You use App Protection to configure a list of apps that can only be opened after you have authorized yourself. This is useful, for example, if you want to hand over your device to somebody else, to prevent them from using certain apps.


When Sophos Intercept X for Mobile is managed by Sophos Mobile, App Protection is not available. App access is managed by your organization.

  1. In the app menu, select App Protection.
  2. In Base configuration, turn on App Protection.
  3. The Intercept X app must be an Android device administrator. If you have not activated this yet, you are forwarded to the relevant Android Settings page. Tap Activate.
  4. Select an authentication type for App Protection. You can choose from Pattern, PIN, Password and Fingerprint (if your device has a fingerprint sensor).


    When Sophos Intercept X for Mobile is managed by Sophos Mobile, the administrator can turn off fingerprint authentication.

  5. Some task managers can disable App Protection by terminating its process. For task manager protection you need to install the Sophos Security & Antivirus Guard app. A message in Base configuration points this out. Tap the message to open the app in Google Play and then install it.

  6. Tap Grace period and select the length of time for which your password is remembered when you exit an app and enter it again.
  7. Protect configuration lists apps that can be used to uninstall or otherwise disable app protection. You can also protect Google Play and other installers to prevent the uncontrolled installation of apps on the device.
  8. Swipe left. The App selection view is displayed. You can:

    • Select apps in the Unprotected list to protect them. The apps are displayed in the Protected list.
    • Deselect apps in the Protected list to remove protection. The apps are displayed in the Unprotected list.

Sophos Security & Antivirus Guard monitors the App Protection processes and restarts them if necessary.