Cyber Security Elements by NSS

News

28 Dec

This is a highly anticipated product release, which couldn’t come at a better time.

If you’re already thinking of replacing a firewall, then it’s very likely that other pieces of network infrastructure are also under discussion. If you’re replacing your Wi-Fi, as soon as you have more than a couple of access points, you need something to power them or the search for available power sockets starts. Or maybe you need to separate IoT devices from other business devices on the network in one of your many remote offices. The answer is almost always a switch. And if everything comes from a single vendor, you can generally improve your network visibility, reduce your management overhead, and potentially also optimize the price.

While switches may not be the first products you think of when considering cybersecurity, access layer switches are generally the gatekeepers for device access to the rest of the network, and as if that weren’t enough, they’re the masters of segmentation. As we’ve all learned from our Networking 101 best-practices book, network segmentation is key when it comes to minimizing the exposure of a network in case of a breach, because it prevents lateral movement. Of course, many other solutions also have a role to play in that scenario, but you should never underestimate the role a switch can play.

And so, by popular demand, we’re now introducing switches.

The Sophos Switch Series

We will initially offer eight models, with two more expected towards mid-2022. Here’s a snapshot of the key specifications.

All switches can be managed in Sophos Central alongside your other Sophos products; however, in the first release the full feature set and configuration will only be available via the local web user interface. Management is also supported using the Command Line Interface (CLI) or Simple Network Management Protocol (SNMP).

Sophos Central will be the key to some unique features in the future and yes, we do eventually plan to offer synchronized security, however, there is no final date for the introduction of that functionality that we can communicate at this time.

If you’re one of the many businesses struggling with ever more devices to connect and power and are looking for a way to take back control of your network, Sophos Switch may just be the perfect solution. Our switches are ideal for small and medium-sized businesses, branch offices, retail and services. Even remote and home offices will benefit from a more business-oriented setup, now that many of those have gone from being temporary to permanent.

While launching a hardware product in the current climate takes a bit of coordination, we will have first limited quantities available from December 16 and volumes will ramp up from January 2022 onwards. We plan to do the official market announcement for these products on January 11.

Further information is available on our website under sophos.com/switch.

Source: Sophos

23 Dec

Understandably, the terms data security and data privacy are frequently muddled together and sometimes used interchangeably. While they are naturally connected, they are also unique and separate concepts.

To help ensure the data your customers and employees entrust to your organization is both handled appropriately and secured throughout its lifecycle, review these concepts, along with their associated policies, procedures, and technologies, to help prevent malicious or unintentional misuse or loss of data.

What is Data Privacy?

Data privacy focuses on how personal data is collected, used, and shared – in other words, its governance. Regulations and laws addressing data privacy can vary by state and country in terms of how stringent they are and how they are enforced.

Worldwide, countries are coming to the realization that strict guidelines designed to protect personal data privacy are in the best interest of both organizations and individuals. The European Union’s General Data Protection Regulation (GDPR) is the strictest regulation to date, and other countries are modeling regulations after the privacy mandates of the GDPR. Some of note: the California Consumer Privacy Act (CCPA), Brazil’s Lei Geral de Proteção de Dados (LGPD) and Canada’s proposed Digital Charter Implementation Act, to name a few.

While these enacted and proposed regulations are a huge step in ensuring data privacy, without a solid data security foundation and technological solutions in place, data privacy simply cannot happen.

What is Data Security?

Data security, as opposed to data privacy, focuses on how data is protected from the many external and internal threats that exist. Data security policies and procedures can mitigate cyberthreats and inadvertent misuse; however, just putting these measures in place does not typically fully address data privacy concerns and regulations.

Data security encompasses the actual solutions an organization puts in place to protect digital data at all points – from endpoints to networks to the perimeter.

A comprehensive data security policy should form the blueprint for your data security measures and cover three key areas: people, processes, and the technological solutions that help enforce the policies set to surround and protect sensitive and private data.

What’s the Difference Between Data Privacy and Data Security?

First, data privacy is NOT the same as data security. Data security is all the measures, policies, and technologies taken to protect data from external and internal threats. However, applying data security measures alone does not necessarily satisfy data privacy requirements. Data privacy still requires adherence to regulations surrounding how the data organizations secure is collected, shared, and used.

Data security protects data from malicious threats; data privacy addresses responsible governance or use of that data.

When developing data security policies, the focus of protection measures is on preventing unauthorized access to data. Tools such as encryption, user authentication, and tokenization can all amp up an organization’s security stance.

When tackling data privacy concerns, the focus is on data being procured, processed, stored and sent in compliance with regulations and with the consent of the data subject. If an organization is gathering data, individuals need to know, for transparency, what type of data will be collected, why it is needed and with whom it will be shared. In addition, the data subject needs to agree to these terms.

Using data with respect to an individual’s privacy is the key to data privacy. Data security measures can help ensure that personal identification in collected data is protected.

Protect Data Privacy and Security with Layers of Security Solutions

Is there a singular solution to offer protection? No. However, establishing policies and procedures to address sensitive data protection, as well as layering security solutions, can provide outstanding protection to data throughout its lifecycle.

Layering solutions can address both privacy and security concerns. When choosing technology to support your organizational privacy and security policies, check to ensure that the solutions can easily integrate to address these three key tactics:

  1. Identify and classify files that may contain sensitive data
  2. Encrypt data to render sensitive data unreadable unless authorized
  3. Detect and prevent leaks of sensitive information outside your organization
  4. Secure and protect sensitive data that is shared inside and outside your organization
  5. Manage rights to digital data to encrypt and control access to data no matter where it travels

HelpSystems offers a suite of data security solutions, including data loss protection, identification and classification, secure managed file transfer, and more.

Source: HelpSystems

20 Dec

Customers have spoken, naming Sophos an October 2021 Gartner Peer Insights Customers’ Choice for Endpoint Protection Platforms (EPP). What’s more, Sophos is the highest rated and most reviewed vendor, and the only vendor to be named a Customers’ Choice in all four global deployment regions: North America, EMEA, Latin America, and Asia Pacific. Across 505 independent reviews, customers overwhelmingly recommend Sophos, with an average rating of 4.8 out of 5 as of 31st August 2021.

Based solely on independent customer reviews that have been rigorously evaluated by Gartner, we believe this nomination is testament to the unparalleled real-world protection, detection, and response that Sophos delivers every day to enterprise customers around the globe.

Double recognition is a double honor

This distinction follows hot on the heels of Sophos being named a Leader in the 2021 Gartner® Magic Quadrant™ for Endpoint Protection Platforms (EPP) in May 2021. To be recognized by both our customers and Gartner analysts this year is a double honor in our view and we could not be more proud.

The voice of the customer

Gartner Peer Insights shares the independent voice of verified enterprise customers. Recent feedback on Sophos’s endpoint protection includes:

“Detection & protection that truly keeps up with the ever-growing threat landscape”
Manufacturing, $50M–$250M, North America

“The deep learning and artificial intelligence give an excellent detection response which has led to a significant decrease in ransomware attacks”
Retail, $10B–$30B, Asia Pacific

“Zero-day detections are excellent. We’re notified of threats by Sophos often before our SOC knows what may be going on”
Manufacturing, $500M–$1B, North America/Latin America/Asia Pacific

These are just three of over 750 Sophos endpoint protection customer reviews available on the Gartner Peer Insights site. I would like to take this opportunity to thank our customers who have shared their feedback; we truly appreciate your time and your trust.

Optimize prevention. Minimize time to detect and respond

Sophos Endpoint gives you world-leading prevention, detection and response capabilities designed for real-world environments. Whether you choose to manage your security yourself or have our team do it for you, you are backed by unparalleled human and technical expertise.

Optimize prevention

No one is more focused on preventing attacks than Sophos, and over the past year independent third-party testing shows we stop, on average, 99.98% of all threats. We achieve this via a two-pronged strategy:

Reduce the attack surface, removing opportunities for attackers to penetrate your organization. This includes:

  • Blocking potentially unwanted applications and malicious or suspect websites based on content or URL rating
  • Controlling what applications and devices are allowed to run
  • Locking down server configurations in a single click

Prevent attacks from running, using layered protection technologies to stop both the threats and the tactics attackers use:

  • AI-based behavior prevention blocks the unknown based on techniques, behaviors, and anomalies
  • Behavior-based anti-ransomware technology prevents attackers from encrypting your files
  • Exploit prevention stops the techniques attackers use, protecting against attacks that leverage previously unknown vulnerabilities

By stopping attackers from gaining a foothold, Sophos improves the signal-to-noise ratio, enabling defenders to focus on fewer, more accurate detections.

Minimize time to detect and respond

Our robust tools and human expertise quickly identify, defuse, and eject attackers before they can take control.

  • We provide 24/7/365 threat hunting and neutralization delivered as a fully-managed service by Sophos experts
  • Our team becomes your team, and our threat hunting expertise helps augment and extend your team
  • The open Sophos XDR platform integrates with your existing security operations (and we’re proud to be named a Representative Vendor in the new Gartner Market Guide for XDR)

Ultimately this approach delivers superior security outcomes for our customers: better protection, reduced risk, and lower total cost of ownership (TCO).

Learn more

To dive deeper into these independent reviews of Sophos’ endpoint protection, I encourage you to:

If you’d like to discuss your endpoint security requirements and how Sophos can help, please reach out to your Sophos representative or speak with our in-house team who would be delighted to help.

Source: Sophos

13 Dec

BeyondTrust announced the release of BeyondTrust Cloud Privilege Broker, a new solution built from the ground up to help customers regain control over critical cloud infrastructure and better communicate and mitigate risks associated with multicloud entitlements. Cloud Privilege Broker empowers customers with a centralized, efficient, and granular way to manage thousands of permissions and entitlements across their cloud footprint.

Cloud Privilege Broker is BeyondTrust’s first product in the Cloud Infrastructure Entitlements Management (CIEM) space. With this solution, we are leveraging our experience and know-how in managing privileged access and applying the principle of least privilege (PoLP), and extending it to cloud infrastructure. Cloud Privilege Broker helps organizations defend against data breaches, malicious attacks, and other risks posed by excessive cloud permissions.

As organizations accelerate their digital transformation projects and migrate more and more resources to the cloud, the proliferation and complexity of cloud services has led to a skyrocketing of over-permissioned identities. Organizations increasingly struggle with identifying who has access to what data and resources across which cloud platforms. This gap in visibility creates a risky environment, putting pressure on IT and security teams already taxed with limited tools and resources. To mitigate this risk, organizations must implement effective cloud infrastructure security controls to avoid leaving their cloud environments open to attack.

Cloud service providers (CSPs), such as Amazon Web Services and Microsoft Azure, have their own identity and access management tools, with unique language and security responsibility models; but these tools are designed only for their own environments, which means managing permissions across multiple clouds requires a ‘swivel chair’ approach from console to console. This siloed approach is inefficient, it increases the risk of a breach, and amplifies the costs for non-compliance.

BeyondTrust Cloud Privilege Broker gives IT and Security teams immediate visibility of permissions and entitlements with the discovery of users, roles, and policies across multiple platforms—via a single console. As a cloud-hosted SaaS offering, the solution can be deployed quickly with immediate classification of risk. Cloud Privilege Broker prioritizes a list of critical items and provides guided remediation, across different platforms, dramatically improving your cloud security posture.

We are excited about the fast time-to-value we can offer our customers, with a deployment that can be done within an hour. We have leveraged our deep expertise in managing privileges to naturally extend to helping our customers secure their infrastructure across multiple clouds, significantly reducing risk and improving overall visibility and security.

Multicloud Security, Made Simple

BeyondTrust customers have impressed upon us the importance of understanding and communicating the risk associated with cloud permissions and entitlements. For this reason, we have created a simple, user-friendly, but effective, dashboard that provides an overall risk score and risk-over-time.

We believe that the best way to mitigate cloud risk and work towards a zero trust model is through the implementation of least privilege policies. We help our customers accomplish this with granular recommendations and guided remediation. This approach removes uncertainty and ensures that the mitigation efforts are as effective as possible by tackling highly privileged items first.

Cloud Privilege Broker is deployed on our BeyondInsight platform, providing a familiar user interface and experience for BeyondTrust customers. The solution enables organizations to:

  • Gain immediate visibility over permissions and entitlements across multicloud infrastructure
  • Rapidly identify high-privileged users
  • Simplify management of entitlements by providing granular recommendations for implementing policies across cloud platforms, from a single interface
  • Mitigate privilege creep by continually exposing and right-sizing excessive permissions
  • Understand the risk associated with entitlements, with a single risk score
  • Track mitigation efforts with a view of risk over time
  • Help security and audit teams meet and prove compliance with a view of completed recommendations and an audit trail.

With Cloud Privilege Broker, you have centralized, efficient, and granular management of thousands of cloud permissions and entitlements that puts teams back in control of their critical infrastructure, significantly reducing the risk of a data breach. Cloud Privilege Broker is built on a modern cloud technology platform that leverages a microservices architecture, enabling built-in scalability and resilience.

Cloud Privilege Broker is now available. Learn more.

Source: BeyondTrust

7 Dec

We are pleased to announce that Sophos Intercept X has received ‘Top Product’ certification in AV-TEST’s October 2021 testing for Windows devices. This follows a perfect score for protection, usability and performance in the June 2021 testing for macOS devices and ‘Approved’ certification in the July 2021 test for Android devices.

These AV-TEST awards are among a number of recent highlights for Sophos Intercept X:

SE Labs

SE Labs named Intercept X as the ‘Best Enterprise Endpoint Solution’ in their 2021 Annual Report. This fantastic achievement follows Intercept X receiving Best Small Business Endpoint Solution for two years running in the SE Labs 2019-2020 Annual Reports.

Gartner®

Gartner recently published its first-ever Market Guide for Extended Detection and Response (XDR) which provides guidance for security and risk management leaders considering investments in XDR. Sophos is named among a shortlist of 12 Representative Vendors offering an XDR solution.

Earlier this year, Sophos was named a “Leader” in the 2021 Gartner Magic Quadrant for Endpoint Protection Platforms (EPP) for the 12th consecutive report. While other vendors come and go, Sophos continues to lead.

Sophos Intercept X endpoint protection is rated 4.8/5 on Gartner Peer Insights as of November 26, 2021, based on 577 verified reviews over the previous 12 months.

CRN

Sophos MTR won the award for ‘Best Managed Detection and Response’ at the CRN 2021 Tech Innovator Awards. With Sophos MTR, organizations benefit from 24/7/365 threat hunting, detection and response, delivered as a fully-managed service by our expert operators.

Try Sophos Intercept X today

Activate a free trial today and take Sophos Intercept X for a test drive. It combines industry-leading prevention capabilities that block ransomware, exploits and never-before-seen malware with powerful XDR for advanced threat hunting and IT operations.

Source: Sophos

3 Dec

Branch networks are present in several industries, but they often share common needs. Here are five current trends in branch networking.

Centralized and Remote Management

Despite the challenges brought, COVID-19 couldn’t stop all businesses from growing. It might even have made them stronger! Enterprises that know how to make use of a quality branch network system are the ones who thrive in these difficult times. With employees working from home and the business environment being uncertain, you should be able to manage all branches without a hitch from one location, be it the headquarters, a data center, or simply your home office.

Enhanced Security

Moving everything from the data center to the cloud is no doubt more efficient and convenient, but is it safe? Gartner introduced the concept of SASE (Secure Access Service Edge) in 2019. However, enterprises are still concerned about the cybersecurity of their branch networks in 2021. As cyberattacks only get more aggressive over time, it is time to review your current branch network infrastructure to make sure all your data and top business secrets are in good hands.

Ready for 5G

More and more enterprises will be using 5G technology as it becomes more prominent and it enables rapid development of new branches. When it comes to connectivity, speed is not everything though. Other than using 5G, you also need to ensure that the network you are using is reliable anytime anywhere.

Automation and AI Support

You may not need a robotic arm at your store to impress customers, but automating your services and using artificial intelligence will definitely add value to your business. By incorporating IoT-friendly devices into your network infrastructure, you will not only increase the efficiency and cut the cost of your branches in the long term, but also enhance the customer experience and upgrade your brand image.

MPLS Replacement

We all know about the benefits of implementing SD-WAN solutions and the importance of replacing the expensive MPLS (Multiprotocol Label Switching). While fancy new technologies might seem like the perfect solution for your branch networking, it is easy for us to omit the fact that the hard part is the integration. Thus, other than looking for cool and cutting-edge devices, you may also consider the flexibility and versatility of the new solution.

Source: Peplink

3 Dec

Branch networks are found in many different industries, yet very often they share the same needs. Below are five current trends in branch networking.

Centralized and Remote Management

Despite the challenges it brought, the new coronavirus pandemic and the COVID-19 disease did not manage to halt the growth of all businesses. It may even have made them stronger!

Businesses that know how to make use of a quality branch networking system are the ones thriving in these difficult times. With employees, in many cases, still working from home and the business environment remaining uncertain, you need to be able to manage all your branches without a hitch from a single location, whether that is your headquarters, a data center, or simply your home office.

Enhanced Security

Moving all of your business operations from the data center to the cloud undoubtedly improves efficiency and convenience, but is it also secure? Gartner may have introduced the concept of SASE (Secure Access Service Edge) in 2019, but two years later, in 2021, businesses still worry about the cybersecurity of their branch networks. As cyberattacks only grow more aggressive over time, it is time to review your current branch network infrastructure to make sure that all your data and your critical business secrets are in good hands.

Ready for 5G

More and more businesses will start using 5G technology as it becomes ever more essential, while also enabling the rapid rollout of new branches. Keep in mind, though, that when it comes to connectivity, speed is not an end in itself and is certainly not everything. Besides using 5G technology, you also need to ensure that the network you use is reliable anywhere and at any time.

Automation and Artificial Intelligence

You may not need a robotic arm in your branch to impress your customers, but automating your services and using artificial intelligence add value to your business. By integrating IoT-friendly devices into your network infrastructure, you will not only increase efficiency and reduce the cost of your branches in the long term, but also improve your customers’ experience and upgrade the image of your business and your brand.

MPLS Replacement

We all know the benefits of implementing SD-WAN solutions and the importance of replacing the more expensive MPLS (Multiprotocol Label Switching). Although ‘fancy’ new technologies often look like the perfect solution for your branch networking, it must be pointed out that the hard part is the integration. So, besides looking for modern and cutting-edge devices, you may also want to consider the flexibility and adaptability of your new solution.

Source: Peplink

1 Dec

We are thrilled to announce that Sophos Intercept X has been named as the Best Enterprise Endpoint Solution in the SE Labs 2021 Annual Report.

This fantastic achievement follows Intercept X receiving Best Small Business Endpoint Solution for two years running in SE Labs 2019-2020 Annual Reports. We believe this recognition is due to our combination of prevention, detection and response that blocks threats before they impact your environment.

Get industry leading protection

Sophos Intercept X gives your organization powerful protection against the very latest threats.

Stop threats early

Neutralizing an attack before it impacts your environment is key, not relying solely on manual investigation and response.

  • Reduce the attack surface. Control apps and devices, block risky websites and PUAs and neutralize malware even when it hasn’t been seen before
  • Stop ransomware. Block malicious encryption processes and rollback affected files to a safe state
  • Lock down exploit techniques. Stop exploits frequently used by attackers such as privilege escalation and credential dumping

Minimize time to detect

When investigating suspicious activity or IT operations issues, breadth of data and context are vital for making quick, informed decisions.

  • Eliminate noise. A strong layer of automated defenses means there is less to investigate, saving you time
  • Prioritize effectively. Utilize a prioritized list of suspicious items for investigation with guided actions for faster response
  • See your entire environment. Native integration of endpoint, server, firewall, email, and cloud data sources means you see everything that happens in your organization

Minimize time to respond

Speed is of the essence when dealing with an active threat, making automated responses crucial.

  • Respond automatically. Detected threats are automatically cleaned up and a threat case generated
  • Get products that collaborate. Cross-product integrations will automatically isolate compromised devices, show all active applications, lock out WiFi connections and more
  • Rest easy with managed security. Choose a fully managed 24/7 security service run by Sophos cybersecurity experts

Take a free trial or learn more about Intercept X.

Source: Sophos

26 Nov

In typical computing environments, an identity represents a one-to-one relationship between a carbon-based life form and their digital presence. That digital presence, however, can have multiple accounts, multiple credentials, and an unbounded number of entitlements in electronic form.

With that short intro aside, let’s now consider the top 6 problems a CISO may experience.

1. Employees with the Same (or Similar) Names

2. Floating Employees

3. Over-Provisioning

4. Mergers and Acquisitions

5. Non-Human Identities

6. Vendor / Third-Party Identities


One thing is certain, if you build a new environment from scratch, you certainly should consider these problems at the outset so they do not escalate as your organization grows.

Read more on BeyondTrust

23 Nov


SophosLabs, the Sophos Managed Threat Response team, and the SophosAI data science group released our 2022 Threat Report this morning. This report represents the collective wisdom of the malware analysts, machine and network forensics specialists, and machine learning experts that make up these core teams within Sophos. It offers analysis of the events that transpired in 2021, and of how we believe they will shape the threat landscape in 2022 and beyond.

While you can download and read the report in its entirety, we wanted to share some of the insights covered in the report to give you a taste.

The report is organized into five parts, in which we cover the ransomware epidemic and its aftermath, trends in conventional malware that targets Windows computers, malware on mobile platforms, security threats to infrastructure, and a section that covers the field of artificial intelligence, and how it applies to the practice of information security.

The fight against ransomware

Our ransomware coverage in 2021 was led by a hybrid team of analysts, some of whom reverse-engineer and study malware behavior, and others who step in to intervene in ransomware attacks targeting customers. The latter group, known as Sophos Rapid Response, had a busy year dealing with a variety of ransomware families, and with the threat actor groups whose work is to break into organizations and deliver that ransomware into their networks.

The vast majority of these customer engagements involved ransomware in 2021, but we were also asked to step in to help customers with cases involving Cobalt Strike, a commercially-marketed tool used legitimately by professional penetration testers and ‘red teams’ whose source code was leaked online in 2020. Criminals now routinely abuse these tools by delivering them as malware payloads. As a result of several high-profile vulnerabilities in Microsoft Exchange, we were called upon to deal with many more web shells than normal in 2020.

But the vast majority of cases involved ransomware, and among those, the Conti and REvil families were most frequently involved. Both Conti and REvil pioneered and developed the ransomware-as-a-service business model, in which a small core team of developers builds the ransomware itself and a larger group of affiliates acts as the delivery mechanism, actively breaking into networks by any means available: brute-force attacks against internet-facing services; exploits of vulnerable software; and occasionally, by obtaining legitimate credentials from ‘initial access brokers,’ a type of criminal service provider.

Countering attackers at every turn

The SophosLabs team were called upon to improve our behavioral detection capabilities in 2021, and in so doing, we found that dual-use attack tools like Cobalt Strike were most frequently a component of the kinds of hands-on-keyboards attacks preferred by ransomware groups. But we also started to see other threat actors take advantage of a wide variety of commercial software and utilities designed for IT administrators or security professionals.

When an affiliate customer of the Conti ransomware leaked a playbook designed to help affiliates break in and steal information, we not only gained insight into the tools, tactics, and procedures of the Conti affiliates; it also answered an important question about why, when we knew so many different groups had been active as Conti affiliates, their TTPs remained strikingly similar.

Among the attacker tools most commonly seen by our scanners, the mimikatz password sniffing and cracking tool was the one we most frequently discovered. Both the Metasploit framework and components of Cobalt Strike also came into play quite often, usually alongside a wide variety of other tools. Sophos currently tracks detections of more than 180 different software packages that fall into this grey area between explicitly malicious and completely benign software.

Android and iOS still under threat

Mobile platforms are increasingly under threat as we hand more of our daily computing tasks to these pocket computers. Scams and fraud account for a large part of the attacks we see on both Apple’s and Alphabet’s mobile platforms. Some of these are delivered by the platforms’ own app stores, but we have also seen a rise in malware that originates with a text message over SMS or a mobile chat platform like Telegram. Users on mobile devices often cannot tell where shortened links sent via these platforms will take them, and those links may lead the recipients into trouble.

For more on these stories, and other analysis of the threat landscape, check out the Sophos 2022 Threat Report.

Source: Sophos

[/vc_column_text][/vc_column][/vc_row]

18

Nov

For several years now, we’ve been hearing that MSPs will become obsolete, rendered unnecessary as businesses take advantage of more plug-and-play, cloud-based platforms, and tools. “Why use an MSP,” they say, “when in the very near future, I’ll just be able to buy all my services and monitoring in the cloud?”

But at Iconic IT, we’ve found just the opposite to be true. The more cloud-based tools we offer to small and medium-sized businesses, the more they seem to need our services. In a way, the move to the cloud has freed us, taking us away from wires and server rooms and into the boardroom. And Iconic has provided that leadership to our clients, in no small part because of our partnership with Datto.

There’s an abundance of cloud backup and monitoring systems out there, but we’ve found that Datto products have allowed us to do more and provide better for our clients. To put it simply, Datto tools have allowed us to be more:

1. Strategic

Cloud-based tools have taken away a lot of the grunt work, installations and comms bottlenecks we used to know. With Datto, we have visibility into our clients’ entire networks, and because it is in the cloud, we have no hardware of our own to maintain. We can manage all our clients’ endpoints and come back to them with focused, clear security advice. We can focus on the real issues because Datto filters out the noise. And when we make big cybersecurity saves, our clients can relax knowing we have their back.

That’s no small thing. When they know their basic security needs are covered, they have space to talk about their future needs. We can ask them questions like: how can we help you solve the issues you’ll be facing soon? And how can we build your tech infrastructure now, so you’ll have the right foundation to build on?

This kind of discussion led us to land a small bank system in the Denver area as a customer. We were able to consolidate all their backups and monitoring into one unified system—while helping them meet all their data regulatory requirements. They got better service, at a better price, and reduced their business headaches considerably.

2. Responsive

What will happen to my business if there’s a disaster? A power outage? Flooding? A massive ransomware attack? How quickly can you get my business up and running again?

This is the central question clients ask us, and we’d better have the right answer. We feel comfortable selling our Datto backup systems because we use them ourselves. And we’ve seen first-hand how well it works. Just last winter, for instance, we had a power outage at our headquarters in Rochester, New York that lasted for two days. When we had that snowstorm, our servers went down too. But we were able to run everything on Datto’s servers, and it worked just like our own on-site server rooms were operating. Our employees never knew the difference, and neither did our customers, who are relying on us to be able to keep their networks going.

3. Affordable

This may raise some eyebrows, but we’ve found the investment is worth it. Why? Because Datto was one of the first to market with its backup and monitoring technologies, and its systems are the most mature. They work seamlessly with ours. The labor savings are enormous, because it works every time, with very few hiccups.

Datto’s products also scale well with the size of our clients and their user base. The more providers like Datto offer this kind of pricing, the more we can bring enterprise-grade security and backup to even the smallest of clients.

4. Ahead of the security curve

Cybersecurity has been topic number one for MSPs for a while now, as ransomware and hacking attempts have risen to near unimaginable levels. But it’s our job to imagine just how bad it can get, and keep encouraging our clients to invest.

Datto products help us get there because they’ve created a true partnership with MSPs. When monitoring tickets get to us, we know they’re actionable and worth our time. We never have to worry about whether our backups are going to work. We know they will.

Luckily, market forces seem to be pushing even smaller clients to invest in sophisticated cybersecurity tools. It doesn’t hurt that the Biden White House has taken on the cybersecurity of businesses as a national security issue. They will be issuing guidelines that will likely help us sell through complex security products like RMM.

With the right partnerships, the future looks bright

We firmly believe that MSPs will only continue to rise, as we combine our “friendly local IT guys” with the monitoring power and backup capacity of companies like Datto. Small businesses have always been the country’s great innovation engine. And as their tech partners, it’s up to MSPs like us to see that they keep pace. We’re looking forward to everything the future can bring us, and we hope you are, too.

Source: Datto

16

Nov

Whether you have no archiving or are simply using what’s built into Microsoft Exchange Server (on-premises), your archiving choice may be hurting the organization more than it’s helping.

Email archiving within Microsoft Exchange Server is a multi-faceted thing: many see the archive as a backup for older email (which it can act as, after a fashion, but that is not its purpose), while others see it as a means to offload unnecessary email and lower the storage load on Exchange over time.

The reality is the archive is much more. The archive serves as a historical record of all email correspondence. It has a role in lawsuits, proving adherence to regulations, aiding in locating prior correspondence, or just helping a user find a forgotten email address of someone they previously communicated with.

The archive has the potential to become involved in many parts of operations, so it is important to be sure the archiving methodology you have today is the correct one. You may think whatever is in place now is just fine, but there are three reasons to reconsider your email archiving options.

Reason 1 – You May Not Be Meeting the Business Needs

Many times, IT folks start with the technology first and work their way back to business requirements. With email archiving having financial, legal, and technical implications, it’s imperative that you first understand what the business needs from archiving… and then go find the best way to implement it. For example, legal may want the email sent and received by specific roles within the organization to be held for, say, seven years, while finance wants to keep storage costs down and minimize any retention whatsoever, all while HR needs emails between two specific individuals held for 2 years in case of a lawsuit.

See? Everyone has their own needs, and it is possible to meet every requirement; you just need to start with the business needs, then determine first whether your current archiving method meets them and, if not, which solution will.

Reason 2 – Not all Archiving is the Same

There is no magic “archive this mailbox” checkbox that suddenly archives all the right emails. The closest thing to it is Journaling within Exchange, where a copy of every email is stored. While comprehensive in scope, it may be overkill from both a storage and a search perspective, making even this option less than viable. In addition to what is archived, there are also concerns around who can access the archive, whether it is read-only, whether it is secure, whether it will be available if Exchange is down, and more.

It is important to list the criteria and expectations your organization has for an archiving solution, and to determine how each of your archiving choices meets the need.
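The following Exchange Management Shell script is an added example, not code from MailStore or from the article, showing how the three stakeholder requirements in Reason 1 (legal: seven years for specific roles; finance: minimal retention by default; HR: two named individuals for two years) map onto Exchange Server’s native controls, and how Journaling can be scoped to named recipients instead of capturing everything as Reason 2 describes. The mailbox addresses, policy names and journal mailbox are placeholders invented for this example. The design split is deliberate: a retention tag is a ceiling (Exchange deletes or archives items older than N days), a litigation hold is a floor (users cannot purge items before N days), and a journal rule captures a copy of mail in flight in a mailbox the users cannot touch.

```powershell
# Added example, not from the MailStore article: the three stakeholder
# requirements expressed as native Exchange Server controls. All addresses,
# policy names and the journal mailbox below are placeholders.

function Set-FinanceDefault {
    # Finance: minimise retention for everyone by default. A Default Policy Tag
    # (-Type All) deletes items older than 365 days unless another tag applies.
    New-RetentionPolicyTag -Name 'Default-1y-Delete' -Type All `
        -AgeLimitForRetention 365 -RetentionAction DeleteAndAllowRecovery
    New-RetentionPolicy -Name 'Corp-Default' -RetentionPolicyTagLinks 'Default-1y-Delete'
    Get-Mailbox -ResultSize Unlimited | Set-Mailbox -RetentionPolicy 'Corp-Default'
}

function Set-LegalRoleHold {
    # Legal: mail of specific roles kept for 7 years (2555 days). The litigation
    # hold is the floor (nothing can be purged earlier); the 7-year tag is the
    # ceiling, so storage does not grow without bound.
    param([string[]]$Roles = @('cfo@example.com', 'general.counsel@example.com'))
    New-RetentionPolicyTag -Name 'Legal-7y-Delete' -Type All `
        -AgeLimitForRetention 2555 -RetentionAction DeleteAndAllowRecovery
    New-RetentionPolicy -Name 'Legal-Roles' -RetentionPolicyTagLinks 'Legal-7y-Delete'
    foreach ($mbx in $Roles) {
        Set-Mailbox -Identity $mbx -RetentionPolicy 'Legal-Roles' `
            -LitigationHoldEnabled $true -LitigationHoldDuration 2555
    }
}

function Set-HrPairHold {
    # HR: mail of two named individuals kept for 2 years (730 days). The hold
    # preserves what is already in their mailboxes; a journal rule scoped to
    # each recipient (-Recipient, rather than an unscoped rule that copies every
    # message in the organization) captures everything they send or receive
    # from now on into a separate journal mailbox.
    param(
        [string[]]$People  = @('alice@example.com', 'bob@example.com'),
        [string]  $Journal = 'hr-journal@example.com'   # placeholder journal mailbox
    )
    foreach ($p in $People) {
        Set-Mailbox -Identity $p -LitigationHoldEnabled $true -LitigationHoldDuration 730
        New-JournalRule -Name "HR-$p" -Recipient $p -JournalEmailAddress $Journal `
            -Scope Global -Enabled $true
    }
}

function Get-ArchivingState {
    # Read back what is actually in force so it can be checked, mailbox by
    # mailbox, against the requirements list rather than assumed.
    Get-Mailbox -ResultSize Unlimited |
        Select-Object PrimarySmtpAddress, RetentionPolicy,
                      LitigationHoldEnabled, LitigationHoldDuration
}

Set-FinanceDefault
Set-LegalRoleHold
Set-HrPairHold
Get-ArchivingState | Format-Table -AutoSize
```

Run the functions in that order so the organization-wide default is applied first and the narrower legal policy then overrides it on the named mailboxes. Note that the journal mailbox lives inside Exchange too, so this arrangement still does not answer Reason 2’s “available if Exchange is down” question; that is the gap a separate archive, native or third-party, has to close.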

Reason 3 – You May Be Missing the Compliance Mark

We’ve left compliance for last, as the growing list of compliance regulations continually makes archiving that much more complex. Where one regulation mandates keeping specific email content for 5 years, another wants to keep a completely separate set of emails for 7 years. Sure, that Journaling option previously mentioned can do the trick if you keep everything for the longest duration required, but that method comes with a hefty storage and productivity price tag. It’s important to implement email archiving in a way that meets the specific needs of each regulation; with the newer laws spelling out hefty fines, the organization has to get the archiving right.

Ready to Consider Your Options?

An email archive is a critical part of your messaging environment and not just a copy of old emails. Upon realizing its importance, you recognize the need to truly look into whether native options meet the need or not. Your next steps are to determine what business factors will influence your archiving needs and evaluate your archiving options – whether they rest within Exchange itself or are third-party.

Source: MailStore

11

Nov

This month marks the two-year anniversary of the launch of Sophos Managed Threat Response (MTR), our 24/7 human-led threat hunting, detection, and response service.

As we celebrate, we are excited to announce another milestone: Sophos MTR now protects more than one million devices!

This impressive achievement follows substantial growth in the number of organizations that rely on Sophos MTR to keep them safe from cyber threats. We’ve seen more than 500% growth since August 2020, when we announced that Sophos MTR had eclipsed the 1,000-customer mark. Now, we protect more than 6,000 customers.

This exceptional growth rate is a testament to the threat hunting and remediation expertise of our global, 24/7 team.

What is driving so many organizations to choose Sophos Managed Threat Response?

  • Industry-best expertise: Finding and retaining skilled staff is a huge challenge for organizations of all sizes. In fact, according to a 2020 survey of 5,000 global IT managers, 81% of organizations said their ability to find and retain skilled IT security professionals is a major challenge to their ability to deliver IT security – with more than a quarter saying it’s their “single biggest challenge.” Sophos MTR provides peace of mind that you’re backed by an industry-best team of security experts who are working 24/7 to protect your organization. They’ve seen and stopped it all, and they’ve got you protected – all at a lower total cost compared to building similar functionality in-house.
  • Ransomware: It’s no surprise that the single biggest threat driving interest in Sophos MTR is ransomware. The statistics behind ransomware are shocking. In the past year, 37% of organizations were hit by ransomware, and criminals succeeded in encrypting victims’ data more than half the time. Unfortunately, even for organizations that pay the ransom, on average only 65% of the encrypted data is restored, which is why it’s increasingly important to neutralize attacks before the adversaries achieve their goals. With an average recovery bill for a ransomware attack of $1.85M (considering downtime, people time, device cost, network cost, lost opportunity, and ransom paid), the business decision to go with a managed detection and response (MDR) provider like Sophos MTR is very clear.
  • Hands-on-keyboard response: Many MDR providers simply notify customers of attacks or suspicious events, which means it’s then up to the customers to manage things on their own. Sophos MTR stands apart from other services by providing targeted hands-on-keyboard response for all customers to stop attacks before damage can occur. It’s the “R” in “MDR” – and it’s available at no additional cost.
  • We’re part of your team: Sophos MTR customers love to tell us that they feel like we’re part of their in-house team. Continual communication and openness strengthens a real partnership, helping each customer improve their broader security posture. For example, if one of our customers is concerned about a particular threat – perhaps because a peer in another organization was impacted – they can reach out to the MTR team and we’ll start a threat hunt to ensure they’re safe.

The best news is that we’re just getting started! We continue to expand our global team and further develop our world-leading detection and response capabilities in partnership with the experts in SophosLabs and SophosAI.

To discuss how Sophos MTR can support your organization, speak to your Sophos representative.

Source: Sophos

9

Nov

Over the past two years, organizations worldwide have increased the velocity with which they are moving operations into the cloud and adopting and maturing DevOps, edge computing, edge security, IoT technologies, and a multitude of other digital transformation initiatives.

The long-time mindset of perimeter-focused security is clearly no longer tenable in this environment. Fortunately, the understanding that IT environments must evolve to embrace and embody zero trust principles is now almost universal. With that said, zero trust is not an effective strategy for every use case, or even for every company.

Learn more about Zero Trust and Endpoint Privileges:

  • Privilege Escalation Attack and Defense Explained: https://www.beyondtrust.com/blog/entry/privilege-escalation-attack-defense-explained/
  • Microsoft Vulnerabilities Report 2021: https://www.beyondtrust.com/resources/whitepapers/microsoft-vulnerability-report/
  • A Zero Trust Approach to Windows & Mac Endpoint Security: https://www.beyondtrust.com/resources/whitepapers/zero-trust-approach-to-windows-mac-endpoint-security/
  • A Complete Password Management Solution: https://www.beyondtrust.com/password-management/
  • Secure Remote Access Solutions: https://www.beyondtrust.com/secure-remote-access/

Source: BeyondTrust

4

Nov

Sophos is thrilled to be awarded Security Vendor of the Year in the European IT & Software Excellence Awards 2021. Now in their 12th year, the awards have been designed to recognise and reward excellence in European software development, IT and Telecoms solutions. Carl Friedmann, Editor at IT Europa, commented:

In what was one of the most crowded award categories, Sophos impressed the judges with the depth and breadth of its offering including a strong managed threat detection and response solution well suited to the needs of the channel.

The awards are voted for by a panel of judges including IT Europa’s editor, Carl Friedmann, and Jessica Figueras, vice chair of the UK Cyber Security Council. Jessica works with start-ups and scale-ups on growth strategy and advises UK Government on technology and policy issues relating to online harms and security.

Jason Ellis, vice president EMEA channel at Sophos shared his delight on this prestigious award win:

Sophos is honoured to win the coveted Security Vendor of the Year 2021 at the European IT and Software Excellence Awards. The extraordinarily high levels of complex ransomware and other cybercrimes have accelerated the need for effective, comprehensive cybersecurity for businesses of all sizes, and this award recognises our dedication to provide the best and most complete set of cybersecurity solutions in the market.

The win follows a year of exceptional innovation. Sophos is leading the industry through integration of AI into its products and services. One of the biggest product evolutions this year is the new Sophos Adaptive Cybersecurity Ecosystem (ACE), an open security architecture that optimises threat prevention, detection and response. Sophos ACE leverages automation and analytics, as well as the collective input of Sophos products, partners, customers, developers, and other security industry vendors, to create protection that continuously improves – a virtuous cycle that is constantly learning and advancing.

In addition, in 2021 Sophos launched the industry’s only extended detection and response (XDR) solution that synchronizes native endpoint, server, firewall, and email security.

Source: Sophos

2

Nov

The UK-based PC PRO Excellence Awards are held annually to celebrate the best manufacturers and the best products available.

Whilst the ‘Manufacturer of the Year’ awards are selected by PC PRO readers, the ‘Product of the Year’ awards are selected from the hundreds of products that have been reviewed by the PC PRO team, together with their sister brands, IT Pro and Expert Reviews. We’re told the voting in these categories can involve hot debates within the editorial team, and only the standout products are selected.

The Sophos XG 230 (Rev.2) earned the top spot in the prestigious ‘Business Hardware of the Year’ category, competing with over a hundred other business-focused products.

IT Pro reviewed the XG 230, including the initial setup with Sophos Firewall OS (SFOS), earlier this year, when it was awarded an Editor’s Choice 5-Star rating.

The review highlights the following features:

  • Flexible connectivity – built-in and add-on via Flexi Port modules
  • Power redundancy option and failover via built-in bypass ports
  • Ease of setup using the installation wizard
  • Visibility provided by the Control Centre
  • Zone-based security policies
  • Extensive Web filtering categorization options
  • Threat detection using Sophos Sandstorm (now part of Zero-Day Protection)
  • Integration in Sophos Central, both for management, and cross-product threat detection and mitigation via the Sophos Security Heartbeat™.

Dave Mitchell, who conducted the review, was a key advocate for the Sophos win, describing our product as follows:

Sophos’ XG 230 Rev.2 impressed us mightily as this no-compromises gateway appliance is a cinch to deploy and offers a remarkable range of security measures for the price. A huge firewall throughput means it can easily keep up with a heavy demand and total integration with the Sophos Central cloud service adds extra levels of versatility.

You can read Dave Mitchell’s full review on the IT Pro website.

This review was conducted prior to the release of our new XGS Series hardware range, which offers all of the above features and many more.

Source: Sophos

2

Nov

November 1, Athens, Greece – NSS, a well-established international value-added distributor of leading cutting-edge IT solutions, announced its strategic partnership with HelpSystems, a US-based information technology and software vendor and a people-first software company focused on helping exceptional organizations build a better IT.

Paolo Cappello, Managing Director of International Development, responsible for leading growth in the LATAM, EMEA and APAC markets, stated: “At HelpSystems we’re on a journey to help organizations everywhere Build a Better IT™. Our security and automation software simplifies critical IT processes to give our customers peace of mind. We deliver solutions based on the fundamentals of good technology design: high quality, a top-notch user experience, and the ability to improve performance. In addition, with the recent acquisition of Digital Guardian, one of the leading DLP solutions for large and mid-sized organizations, we keep investing hard to create the most powerful data security portfolio in the market to help customers further improve their ability to protect data across a wide set of channels, applications and operating systems. Together with NSS, we will be working in the areas of infrastructure and data protection, systems and network management, business intelligence, security and compliance, with a commitment to focus on offering solutions to improve everyday operations, save time, and cut costs, through reliable software, expert services, and outstanding support provided by the NSS team.”

“As pioneers in cutting edge services and technology solutions, we are very excited to welcome HelpSystems to our portfolio and distribute their cutting edge security and automation solutions,” continued George F. Kapaniris, Executive Director, NSS, emphasizing that “We look forward to assisting MSPs to protect their customers’ business-critical data with automated cybersecurity solutions that help them stay ahead of today’s ever-changing threats.”

NSS will distribute HelpSystems’ solutions in the markets of SE Europe, including Greece, Cyprus, Malta, Bulgaria and the Adriatic. By offering a comprehensive and unique set of cloud-based solutions, NSS is expanding its portfolio to meet the increasing IT requirements and security needs of businesses in the age of digital transformation.

To find out more please visit: https://www.nss.gr/en/products/security/helpsystems/

About NSS
NSS is an international Value Added Distributor of affordable cutting-edge IT solutions, covering technology areas that include information security, network optimization, communications and infrastructure systems. NSS has strategic partnerships with superior vendors offering products and services with leading technologies that place the company ahead of the competition in today’s crowded market. NSS products can be acquired through a selected channel of resellers in Greece, Cyprus, Malta, the Balkan and Adriatic countries.

26

Oct

In recent years, Microsoft has steadily improved the security of Windows, and ransomware was one of the key threats it set out to address through built-in features such as User Account Control (UAC), Windows Defender Application Control and Attack Surface Reduction (ASR) rules.

This article examines whether the ransomware protection built into Windows 10 is enough to keep you protected.

The state of ransomware today

Ransomware was big business in 2020. Companies and organizations scrambled to stand up remote access solutions as more and more employees had to work from home because of the pandemic. Meanwhile, as predicted, criminal gangs exploited the proliferation of unprotected endpoints and unprepared users.

According to various reports, cyberattacks rose 62-150% in 2020 compared to 2019, with some reports putting the increase in ransomware attacks as high as 485%. And with the most recent data placing the average ransom payment at $312,000, in some cases cybercrime organizations managed to extract sums in the millions of dollars. 2020 also saw a rise in double extortion, where the attackers not only demanded exorbitant ransoms but also threatened to leak or sell confidential data if the ransom was not paid.

In 2021, attacks continue to increase. There has also been a steep rise in zero-day attacks, where attackers exploit previously unknown software vulnerabilities. Attackers’ interest in mobile devices is growing too, while of course they continue to take advantage of unprotected remote access paths and endpoints with unpatched software.

Download the Malware & Ransomware Threat Report 2021

3 Windows security protections against ransomware

Let us now evaluate three protections built into Windows 10 that you can use to strengthen your defenses against ransomware and other malware.

1. User Account Control: UAC is a collection of Windows features that help users run programs and applications without requiring administrator rights on the operating system. Protected Administrator accounts let users run applications, programs or functions with standard user rights most of the time, but elevate to administrator rights when required.

UAC is a security control, not a security boundary, and can therefore be bypassed. Microsoft recommends that users log on to Windows with a standard user account whenever possible. UAC Protected Administrator accounts are designed for use on consumer devices. Although they have contributed to a significant improvement in Windows security, they are not intended to provide enterprise-grade security.

2. Windows Defender Application Control: Building on a technology called Configurable Code Integrity that was borrowed from Microsoft’s Windows Mobile operating system, Windows Defender Application Control (WDAC) is the latest application control technology in Windows. It is designed to let organizations build allow lists of applications, scripts and other code components that are permitted to run. Everything else, including ransomware, is blocked.

WDAC can be configured using Microsoft Endpoint Manager (MEM) or Group Policy. Group Policy (a Windows feature containing a variety of advanced settings, aimed at network administrators) does not support the WDAC multiple-policy format. WDAC policy files are created using PowerShell cmdlets. The cmdlets produce one or more policy files containing allow lists of applications and other rules, which you can deploy to clients to block unapproved code. For a higher level of security, WDAC policy files should be signed so that administrators cannot delete or change the application control rules.

3. Attack Surface Reduction rules: Attack Surface Reduction (ASR) rules are part of Windows Defender Exploit Guard. The rules can be used to disable functionality that attackers commonly use to gain control of Windows and install malware. ASR rules can, however, also disable functionality that users in your organization need, so they should always be deployed first in audit mode, so that you can monitor whether a “block” configuration would affect your users.

ASR rules work on Windows 10 Pro and Enterprise editions from version 1709 onwards. The rules can be configured using MEM, which is the preferred method, or using Intune, PowerShell and Group Policy.

To have the full set of capabilities at your disposal, including advanced monitoring and analysis, you will need a Windows 10 Enterprise E5 license. Otherwise, you will find that there are limitations in monitoring the following events in the Windows Event Log:

  • Audit – Windows Event ID 1122
  • Block – Windows Event ID 1121
  • Settings changed – Windows Event ID 5007
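The following PowerShell is an added example, not code from the BeyondTrust article: it puts a handful of the ASR rules described above into audit mode with Add-MpPreference, reads back the 1121/1122/5007 events from the Windows Defender operational log so you can see what a block configuration would have stopped, and builds a WDAC policy from a reference machine with the ConfigCI cmdlets the article refers to, likewise in audit mode first. The four rule GUIDs are Microsoft’s published identifiers for those ASR rules (verify them against current documentation before deploying); the scan path, policy file paths and the seven-day lookback are assumptions chosen for the example.

```powershell
# Added example (not from the BeyondTrust article): ASR rules in audit mode,
# the matching Defender events, and a WDAC audit-mode policy. Run in an
# elevated session on Windows 10 Pro/Enterprise 1709 or later.

# Rule GUID -> description. These are Microsoft's published ASR rule IDs.
$AsrRules = @{
    'BE9BA2D9-53EA-4CDC-84E5-9B1EEEE46550' = 'Block executable content from email client and webmail'
    'D4F940AB-401B-4EFC-AADC-AD5F3C50688A' = 'Block all Office applications from creating child processes'
    '9E6C4E1F-7D60-472F-BA1A-A39EF669E4B2' = 'Block credential stealing from LSASS'
    'C1DB55AB-C21A-4637-BB3F-A12568109D35' = 'Use advanced protection against ransomware'
}

function Set-AsrAudit {
    # Add-MpPreference appends to the configured rule list instead of replacing
    # it, so rules already pushed by Intune or Group Policy are preserved.
    foreach ($id in $AsrRules.Keys) {
        Add-MpPreference -AttackSurfaceReductionRules_Ids $id `
                         -AttackSurfaceReductionRules_Actions AuditMode
    }
}

function Get-AsrState {
    # Actions as reported by Get-MpPreference: 0 = Disabled, 1 = Block,
    # 2 = Audit, 6 = Warn. Ids and Actions are parallel arrays.
    $pref = Get-MpPreference
    for ($i = 0; $i -lt $pref.AttackSurfaceReductionRules_Ids.Count; $i++) {
        $id = $pref.AttackSurfaceReductionRules_Ids[$i]
        [pscustomobject]@{
            RuleId = $id
            Action = $pref.AttackSurfaceReductionRules_Actions[$i]
            Name   = $AsrRules[$id]   # hashtable keys are case-insensitive
        }
    }
}

function Get-AsrEvents {
    # 1122 = audit hit (would have been blocked), 1121 = block, 5007 = settings
    # changed. Lookback window is an assumption for this example.
    param([int]$Days = 7)
    Get-WinEvent -FilterHashtable @{
        LogName   = 'Microsoft-Windows-Windows Defender/Operational'
        Id        = 1121, 1122, 5007
        StartTime = (Get-Date).AddDays(-$Days)
    } -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, Message
}

function New-WdacAuditPolicy {
    # Build an allow list from a reference install (path is an assumption).
    param(
        [string]$ScanPath  = 'C:\Program Files',
        [string]$PolicyXml = "$env:TEMP\WdacPolicy.xml"
    )
    Import-Module ConfigCI
    # Publisher-level rules, falling back to file hashes for unsigned binaries;
    # -UserPEs includes user-mode executables, not only kernel drivers.
    New-CIPolicy -ScanPath $ScanPath -Level Publisher -Fallback Hash -UserPEs -FilePath $PolicyXml
    # Rule option 3 = Enabled:Audit Mode. Code the policy would block is logged
    # to Microsoft-Windows-CodeIntegrity/Operational (Event ID 3076) but still runs.
    Set-RuleOption -FilePath $PolicyXml -Option 3
    # Compile to the binary the kernel consumes. In single-policy format it is
    # applied by copying it to C:\Windows\System32\CodeIntegrity\SIPolicy.p7b.
    ConvertFrom-CIPolicy -XmlFilePath $PolicyXml -BinaryFilePath "$PolicyXml.bin"
    return "$PolicyXml.bin"
}

Set-AsrAudit
Get-AsrState  | Format-Table -AutoSize
Get-AsrEvents | Format-Table -AutoSize
New-WdacAuditPolicy
```

Leave the ASR rules in AuditMode until a week or so of 1122 events shows no legitimate line-of-business software being flagged, then re-run Add-MpPreference with the action set to Enabled. For WDAC, do the same with the 3076 audit events, and only enforce after signing the policy and removing rule option 6 (Enabled:Unsigned System Integrity Policy); an unsigned policy is exactly what the article warns about, since a local administrator can simply replace it.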

The built-in Windows protections are a start, but they are not enough

Although User Account Control, Application Control and Attack Surface Reduction rules provide some basic improvements in protection when configured correctly, they are not sufficient to protect users and devices from ransomware. More complete protection against ransomware and malware requires organizations to follow best practices, such as enforcing the principle of least privilege and using standard user accounts instead of administrator accounts. Ideally, the combined ransomware protections should also be orchestrated from a single pane of glass (management console).

Managing Windows security with the built-in tools can be complex. Although the built-in controls can help, it remains essential to ensure that your users do not log on to endpoints with domain administrator credentials and that users do not have administrator rights on their devices. Once an attacker gains administrator privileges, most Windows security controls can be bypassed.

For comprehensive protection against ransomware, look for an Endpoint Privilege Management solution that includes both application control and privilege management capabilities. Managing security from a central console that provides a complete picture of your infrastructure also enables your IT department to stop ransomware before it enters your network, while helping to contain any breach by blocking lateral movement.

Source: BeyondTrust

26

Oct

[vc_row][vc_column][vc_column_text]

Microsoft has steadily improved security in Windows in recent years and ransomware has been one of the key threats addressed via built-in features such as User Account Control (UAC), Windows Defender Application Control, and Attack Surface Reduction (ASR) rules.

This blog explores whether the protection against ransomware built-in to Windows 10 is enough to keep you protected.

The State of Ransomware

Ransomware was big business in 2020. Organizations scrambled to extend remote access solutions as more employees than ever needed to work from home because of the global pandemic. Criminal gangs predictably exploited the proliferation of poorly secured endpoints and ill-prepared users.

According to various reports, there was a 62-150% increase in cyberattacks in 2020 compared to 2019, with some reports putting the increase in ransomware as high as 485%. While recent data puts the average ransom payout at $312,000, some cybercrime syndicates have achieved payouts from larger enterprises of well into the millions in U.S. dollars. 2020 also saw an increase in double extortion, where hackers not only demand a financial ransom, but they also threaten to leak or sell confidential data if the ransom is not met.

Attacks continue to increase in 2021. There has been a steep rise in zero-day attacks, where hackers exploit previously unknown vulnerabilities in software. Attackers are also increasing their focus on mobile devices, while they continue to exploit poorly secured remote access pathways and unpatched endpoints…

Find out what are the 3 Windows Security Protections against Ransomware: https://www.beyondtrust.com/blog/entry/how-well-do-windows-10-security-features-protect-against-ransomware

Download the 2021 Malware & Ransomware Threat Report: https://www.beyondtrust.com/resources/whitepapers/malware-threat-report-2021

Source: BeyondTrust

21

Oct

Autotask PSA is designed to drive efficiency, accountability, and intelligence for managed service providers (MSPs) by unifying people, processes, and data to provide a singular view across their IT managed services business. The latest enhancements with the Autotask PSA 2021.2 release will help close tickets faster and improve the experience for co-managed IT users.

Automation to close tickets faster

The previous release introduced automated ticket tagging. This helped to reduce the time it took to resolve customer issues. Technicians could quickly identify problems, using the “Find a Solution” button. This feature would then search the knowledge base tags for related problems and relevant solutions.

In this latest release of Autotask, the capability of the “Find a Solution” button has been enhanced, activating only if a solution is found in documentation or the knowledge base. Partners utilizing Datto’s unified PSA-RMM platform will experience further time savings, as Datto RMM alerts will automatically tag relevant HelpDesk articles, allowing users to resolve issues without spending time searching for solutions.

Client Portal enhancements

Autotask’s Client Portal has also been updated with the ability to authenticate users with their Google or Microsoft accounts, not just an Autotask login. This simplifies the experience for clients and allows them to submit tickets and requests, communicate with their MSP, and review status and goals using their organization’s credentials.

Co-Managed IT improvements

For MSPs deploying Autotask PSA in co-managed environments where Autotask is being utilized by clients’ internal IT staff, additional updates have been made to improve co-managed workflows that include:

  • Ability to manage visibility and hide tickets as well as internal costs and pricing from co-managed users
  • Creation of Co-Managed Primary Resource and Co-Managed Teams per account to drive more efficient communications
  • Addition of Co-Managed resource options to workflow rules automating the assigning of work and notifications to resources
  • Ticket Transfer option to indicate who is responsible for working on a ticket and easily transfer responsibilities if required
  • Email processing updates that associate incoming tickets for the co-managed end user

Autotask LiveMobile App

The Autotask LiveMobile App, which enables remote workers to access their Autotask PSA system when they are away from their desks, has also been updated. The latest updates to the native iOS and Android apps bring the Task and Task Accessories (time entry, notes, attachments, etc.) capabilities to the app.

Looking for a PSA platform to help grow your business by unifying Document Management, Service Desk, CRM, Procurement, Billing, and Reporting behind a single pane of glass? Learn more about Autotask PSA today.

Source: Datto