Sophos Home Premium Review

Sophos Home Premium antivirus looks like very good value, but the devil's in the detail. Here, we share our Sophos Home Premium review and reveal how it compares to other antivirus suites we've reviewed.

Sophos Home Premium Price and Availability

Sophos Home Premium is priced at £40/$50 per year for 10 devices (including PC, Mac, phones and tablets), which is very reasonable and compares closely with rivals such as ESET and McAfee.

It's available to buy from the Sophos website

There is a free version available, but it misses out on features such as privacy protection, ransomware protection and support. Plus, the free version only protects three devices rather than 10.

Sophos Home Premium features

This product marks a departure from the norm in that instead of its interface giving direct access to modules and settings, there are just two buttons. One begins a scan. The other opens a web page containing all the controls and settings.

Everything you need to manage the product is in the cloud. Personally, I like my controls built into the product itself, but I also realise I'm getting old. Cloud computing is the way the world does things now.

After installation, Sophos scans your computer for threats. It found 257 tracking cookies on mine. However, deleting them also logged me out of Google, the BBC, and other services I use all the time. Luckily, my password manager logged me back in.

On the plus side, the protection modules are comprehensive and specialised. Malicious traffic is filtered, keeping you safe from any malware that manages to slip past Sophos' defences and tries to contact its command and control server.

The PUP module prevents potentially unwanted programs (adware etc.) from being installed, either deliberately or by sneaking in with other applications. Exploit mitigation prevents known techniques being used against vulnerable and old programs that do not have security patches available.

The dedicated ransomware module not only prevents your files being held hostage, but also protects against the kinds of exploit that enabled the Wannacry and NotPetya attacks that caused so much trouble in 2017. These attacks were more dangerous because they could spread to other computers on the network.

Web protection prevents you from visiting known attack sites, uses a  community reputation service to gauge whether downloads are likely to be malicious, and provides protection from threats such as keyloggers when accessing banking sites. 

The web content filtering controls are comprehensive, and split into sections covering general interest sites, social media, adult content and any exceptions you would like to set up. The level of detail is impressive. You can even block proxies and translators.

Despite the range of protection modules, some useful tools are still missing or underpowered. The privacy section, for example, only has an option, which alerts you to unauthorised use of your webcam. There are no other controls.

A local network scan, to both identify devices and to check them for security issues, is also absent. Other functionality feels sparse. Right clicking a file allows you to scan it, for example, but that's all.

There's no option to securely shred it or to send it to the cloud for further examination. Speaking of options, scanning seems to be limited to the default “Clean My Computer”. There's no option to run a boot-time scan, when any stealthy malware is still sleeping on disc, or to run a thorough, deep scan. It also seems to be impossible to initiate a remote scan of a device from the cloud.

There are also a few glitches to contend with. First, tabbing between applications using Alt-Tab randomly began sticking the application window thumbnails to the screen until I hit enter on the one I wanted, rather than selecting the one I wanted when I let go of the keys. Uninstalling the product returned to the original functionality, but re-installing it also caused the glitch again.

More seriously, whenever I booted the computer, Windows Defender would have a red cross on its taskbar icon, indicating it was unable to get the status of Sophos. This lasted several minutes each time. Everything seemed to be OK, and Sophos was actually running, but it's a glitch that could put some people off.  Also, being cloud-based, if you're offline, you're cut off not only from the internet, but also from the product's controls.

Also, while flicking through pictures on Facebook, Sophos suddenly popped up to tell me that it had prevented a “ROP” attack. It also sent me an email to the same effect. While trying to investigate further and to get an accurate description of the meaning of “ROP”, I found that log entries are very sparse indeed, and nothing is clickable to obtain more information. This is not good for understanding what's going on.

Although Sophos Home Premium is for PC and Mac only, the free Sophos Mobile Security app for Android is feature packed. Along with the usual scanner and theft prevention (which correctly identified my tablet is not a phone), there's also comprehensive web filtering, password protection for user-selected sensitive apps, a secure QR code scanner, and a password safe, along with privacy and security advisors. It's a very pleasant surprise. Some paid-for mobile AV offerings could learn a lot from Sophos Mobile Security.

SHOULD I BUY SOPHOS HOME PREMIUM?

A low price tag, healthy device count, and cloud-based management can't distract from the feeling that some useful, increasingly standard security basics are missing.