Antivirus configuration (Mobile Threat Defense policy for Android)

With the Antivirus configuration you manage the malware protection settings of Sophos Intercept X for Mobile.

Note When you assign this configuration to a device, the corresponding settings in Sophos Intercept X for Mobile are disabled. The user can’t change them.



Cloud scan mode

Select when Sophos Intercept X for Mobile loads the latest malware information from the Sophos server.

Scheduled scan interval

Select how often malware scans are performed.

If you select Daily while charging, a scan is performed when the device is connected to a power supply for more than 30 minutes.

Scan system apps

Scan system apps.

System apps aren’t scanned by default because they are protected by the Android OS and because the user can’t uninstall them.

Scan storage

Scan all files on internal shared storage, SD card, and connected USB devices for threats, in addition to the default scanning of all installed apps.

Detect PUAs

Scan for Potentially Unwanted Applications (PUAs).

PUAs are apps that, while not malicious, are generally considered unsuitable for business networks. PUAs include adware, dialers, system monitors, remote administration tools, and hacking tools. However, certain apps that can fall into the PUA category might be considered useful by some users.

Enable user to allow PUAs

Users can allow an app that was classified as PUA. Allowed apps are ignored in subsequent scans.


Select how to deal with low reputation apps:

Allow: Turn off scanning for low reputation apps.

Warn: Display a warning on the device when a low reputation app is detected. Users can choose how to deal with the app. They can add it to a list of allowed apps so that no further warning is displayed if this app is detected.

Block: The user can’t start low reputation apps.

Scan notification

When an app is scanned after installation, Sophos Intercept X for Mobile creates a notification.

If the check box is cleared, no notifications are created for clean apps.

Monitor storage

Monitor internal shared storage, SD card, and connected USB devices for changes. When new files are stored in these locations, they are scanned.

App group

Select a group of allowed apps. The apps in that group are excluded from scans.