Thanks for the quick response, Ian. Good to know that some protection for Kabuto is in the works. As for EAM, that also is good to know, though it doesn't address temporary disablement of protections which open the door to vulnerabilities.
For example; I have a client whose roommate has just enough knowledge to be dangerous (you know the type). This roommate likes to hang out in the seedier parts of the net, and complains that they are unable to get to their porn sites as freely as they wish. Since I offer my managed clients free virus removals should something make it past our defenses, the ability to temporarily turn off protections (even if only until the next sync) is concerning in this case. Being able to effectively lock protections in place protects both me and my client from the roommate. This could easily (?) be accomplished by requiring a password to make changes to EAM. I do understand that this may require Emsisoft to write such a thing into their product rather than Kabuto being able to manage that. I'm not a developer so I wouldn't know. Of course this isn't the only scenario when password protecting EAM may prove beneficial.