News

Apr

Sophos. How to stay protected against ransomware

If there’s one thing we know about cybercrooks, it’s that they are persistent. When they find a formula that works, they’ll keep on using and improving upon that formula until it no longer gets the job done.

Ransomware that hijacks your files and locks them up using unbreakable encryption has been quite successful for the crooks, making it a widespread and major threat for home users and businesses alike. If you don’t have preventative measures in place and get hit with ransomware, one way or another you will end up paying the price.

In recent months we’ve seen new strains of ransomware crop up that show the problem isn’t going away any time soon. The nasty ransomware known as Locky has been infecting Windows computers through malicious email attachments. There’s even ransomware targeting Android, Linux and Mac.

In light of this ongoing threat, Sophos has created a new resource showing you How to stay protected against ransomware. It’s an easy-to-follow guide offering best practices for keeping your data secure, including how to configure your security, train your staff, and back up your files.

This guide covers:

How ransomware attacks work
Why ransomware infections continue to spread despite existing security measures
Practical short and long-term steps you should take to stay protected against ransomware
How to optimally configure your Sophos solutions to protect against ransomware

Download the whitepaper now to see how you can stay safe from current and future ransomware threats – it’s a free resource, with no registration required.

You can stay up-to-date with evolving threats and get security advice from Sophos experts by following us on social media and subscribing to our blogs.

Visit our award-winning Naked Security blog to read up on our recent research and top security tips for stopping ransomware threats:

Listen to the Sophos Techknow podcast below for a quick educational course on ransomware, as Sophos experts Chester Wisniewski and Paul Ducklin explain how ransomware works and what to do about it.

You can read the original article here.

Apr

Sophos UTM Elevated 9.4 is now available!

After a successful beta, we’re pleased to announce the initial availability of UTM Elevated 9.4.

UTM 9.4 elevates protection against targeted and evasive threats with the addition of Sophos Sandstorm, supports the latest RED 15w and AP 15C hardware, and adds some of your top requested features.

Here’s everything you need to know about the roll-out of UTM Elevated 9.4.

In this initial soft launch phase, you can download the 9.4 Up2Date package and apply it to your existing UTM 9.35 device, or download the full 9.4 ISO installer for new software or virtual deployments.

Up2Date Package: ftp://ftp.astaro.com/UTM/v9/up2date/

ISO Installer: https://www.sophos.com/en-us/support/utm-downloads.aspx

The automatic roll-out of Up2Date packages to active UTM devices is expected to start in early April, with general availability to follow some time after that. As usual, updates are free for all customers with an active subscription license.

Please subscribe to the blog or check back regularly for updates.

Sophos Sandstorm and hardware availability and pricing

UTM Elevated 9.4 includes a new protection subscription for Sophos Sandstorm. Orders can be processed starting on March 25th. Since Sophos Sandstorm works to protect against web downloads and email attachments, as you might expect it also requires one of Web or Email Protection subscriptions or FullGuard or TotalProtect.

UTM Elevated 9.4 also includes support for the new RED 15w and AP 15c, which are already available for purchase.

Please contact your partner or reseller for pricing on these options.

Please note that the SG 85(w) model that was originally anticipated to launch alongside UTM Elevated 9.4 will come later, as the product team is still working on enabling the UTM 9 firmware to run on such a diskless device with performance and functionality that meet our high standards.

What’s new in UTM Elevated 9.4

Check out this video overview of what’s new in UTM 9.4 including a demo of Sophos Sandstorm on the UTM.

Extending zero-day protection

Today’s hackers are employing more targeted attacks with highly evasive, never-before-seen malware designed to breach security systems to gain access to a company’s resources, credentials and data. So while conventional anti-malware is still a critical first line of defense, it’s no longer enough in combating modern attacks.

Most next-generation sandboxing solutions designed to identify unknown malware are too complex and expensive for most businesses like yours to even consider. That’s why we’ve developed Sophos Sandstorm, a new subscription option that gives you an advanced malware defense solution. Sandstorm is a cloud-based sandbox solution that provides targeted attack protection, visibility and analysis that rises above the competition.

Sandstorm is simple, effective and affordable. You get enterprise-grade protection without the enterprise price tag or complexity.

Get the new Sandstorm datasheet.

Expanding the hardware line-up

RED 15w adds integrated wireless to the new RED 15 with a single radio supporting 802.11n 2×2:2 MIMO.

AP 15c packages the popular, new and affordable entry-level access point into a ceiling smoke-detector type chassis. It offers the same great performance and value as the AP 15 desktop model with a single radio with 300Mbps of 802.11n throughput – but now with a choice of band (either 2.4GHz or 5GHz).

Enhancing the firmware features

UTM Elevated 9.4 also delivers some of your top-requested features.

WAF Persistent Session Cookies improve the user experience when interacting with business applications protected by the Sophos UTM, reducing repeated sign-in prompts.

STAS (Sophos Transparent Authentication Suite) provides reliable transparent SSO authentication for network users, without requiring a client on the endpoint. STAS employs an agent on the Microsoft Active Directory Server that monitors and stores authentication activity and exchanges authentication information with the UTM, making user-based policy rules and enforcement easy.

IPv6 SSL VPN Support adds much requested support for IPv6 VPN connectivity with the UTM.

Feedback

As usual, please head over the the Sophos Community Forums for UTM to share your feedback.

And thank you…

A special “Thank You” for your support in helping us continue to build award-winning products!

You can read the original article here.

Apr

Sophos. Learn how cybercrooks do it, and how to stop them!

Ever wondered how cybercrooks do it? Do they need to be technology wizards? Programming geeks? Website developers? Spam kings? Hard-core reverse engineers?

In fact, these days, they don’t need much more than a determination to break the law and to get rich illegally at other people’s expense. (And, increasingly, to risk a pretty serious prison sentence if they’re caught.)

That’s because there’s a sizeable underground “malware-as-a-service” industry, where technically adept cybercriminals rent out all the technical wizardry that wannabe crooks need to join the ranks of the criminally active.

The words “hacker’s toolkit” no longer have the innocent meaning of the past, where they referred to a floppy disk of handy low-level utilities that your favourite sysadmin carried everywhere, just in case your MS-DOS hard disk stopped playing ball.

These days, there’s a much more sinister hacker’s toolkit available – a grab-bag of cybercrime services for hire: a cybercriminal “cloud services economy,” if like.

You can pay someone else to write your malware, infect a chosen number of victims, steal data, send spam, log keystrokes, extort money, and much more.

So…how does this underground work? What can we do about it?

Listen to SophosLabs Principal Researcher Fraser Howard explain in words that you can not only understand but also use to pass on the knowledge to others in your organisation, or to your friends and family. (Your email address will be requested before you join the webinar recording.)

You can read the original article here.

Mar

Sophos Takes Home Excellence Award for Best UTM Security Solution at SC Awards 2016

Sophos, a global leader in network and endpoint security, announced today that its Sophos SG Series UTM won the Excellence Award in the Best UTM Security Solution category at the SC Awards 2016. The award was presented during the 19th annual SC Awards Gala on Tuesday, March 1, 2016.

“We are delighted that Sophos SG UTM was yet again recognized at the SC Magazine Awards. Winning this award in Europe and now in North America is a great honor and reflects the enormous success our UTM product line has had around the world,” said Chris Weeds, senior director, product marketing, Sophos.

“Our network security product team is proud of this achievement, but credit also goes to our partners and customers, whose input and feedback helps us to continue to build award-winning products.”

Winners in the Excellence Award category were hand-selected by a panel of IT security experts from both the private and public sector. During the judging process, each finalist went through a rigorous evaluation that included in-depth analysis, analyst reports and/or product reviews. After a thorough and comprehensive analysis of each finalist’s strengths, Sophos was chosen as the winner in the Best UTM Security Solution category.

“From advanced hacks to massive malvertising campaigns to a host of ransomware variations, 2015 showed that once again, cybercriminals are upping their game when it comes to exploiting today’s businesses,” said Illena Armstrong, vice president, editorial, SC Magazine. “As a winner in the Excellence Award category, the Sophos SG Series UTM proved its ability to execute comprehensive security measures to protect the enterprise from data-stealing attacks.”

The SC Awards are recognized throughout the IT security industry and are the crowning achievement for IT security professionals and products.

Each year, hundreds of applications are reviewed and narrowed down to a select group of finalists that represent the best solutions, services and professionals working around the clock to protect today’s businesses from an ever-changing landscape of security threats. For more information and a detailed list of categories and winners, please visit www.scmagazine.com/awards.

You can read the original article here.

Mar

Sophos. About Malvertising – learn more about this pernicious problem

Malvertising is short for “malicious online advertising”, and it’s a pernicious problem. Simply put, it’s a way for crooks to infect innocent visitors via your website, to poison your website’s online reputation, and to trash your brand…

…without going anywhere near your servers, and without tripping any alarms on your own network. All the crooks do is buy ad space from an ad network and start placing ads – because ads, very loosely speaking, are tiny little web pages of their own that appear in ad-sized windows on other people’s websites.

You can probably see where this is going.

Once the ads are up and running, the crooks start sneaking booby-trapped, malware-delivering ads into the mix. And, with, that, they’ve as good as infected your website, and potentially infected hundreds or thousands of other websites at the same time. Every so often, your web property will pull an ad from the affected ad network, and once in a while the ad that appears will be an infected one, and one of your visitors will be put right in harm’s way.

Technically, the ad didn’t come from you, but that’s cold comfort to the afflicted visitor. Your website’s URL is in the address bar; your organisation’s logo is at the top left corner of the web page; and your brand is left to shoulder the blame. Also, infected ads appear irregularly, which makes them hard to detect and even harder to track down.

This, in turn, only adds to the sort of security confusion that helps the crooks. Even mainstream sites – sites that you’d never get into trouble for browsing at work, because they’re well-known sites with useful content – can fall victim to malvertising. This week’s news is that at least the BBC, Newsweek, The New York Times and MSN were affected over the weekend.

So it it’s certainly the sort of problem that could happen to you!

What to do?

Malvertising isn’t something that technology alone can fix.

That’s because it’s woven into the battle between adblockers (many of which aim to suppress ads outright, for a variety of reasons) and ad-sponsored websites (some of which argue that adblockers are crushing the value of free content, if that’s not an oxymoron).

Why not listen to the recording of yesterday’s Security SOS webinar, where Sophos security expert John Shier discusses the problem, and some possible solutions, in a clear and very balanced way?

You can read the original article here.

Mar

Sophos. 3 steps to securing your mobile workforce

Today, every business is mobile. Across enterprises of all sizes, everyone from entrepreneurs and executives to knowledge workers needs to get online and access business data and files using smartphones, laptops and tablets.

Employees using their personal devices to access corporate applications and data can put their organizations at risk when they lose or misuse their devices. In addition, cybercriminals are capitalizing on these trends by building mobile malware to infiltrate networks and steal data. Mobile risk is on the rise.

For IT security teams, this new reality creates a daunting challenge. You must manage this increased risk while at the same time empowering users and respecting their privacy.

In order to help you meet this challenge, Sophos has created a new guide to setting priorities that allow you to provide flexibility, but also protect your networks and corporate data. Our free whitepaper 3 Steps to Securing the Mobile Workforce lays out a simple approach for organizations to successfully secure their mobile workforce.

The task of enterprise mobile security really boils down to three basic needs:

Protecting the user and device
Protecting access to the enterprise network
Protecting enterprise data

And of course, most importantly, you need an easy-to-use solution that lets you accomplish your goals with available resources.

Download the free whitepaper 3 Steps to Securing the Mobile Workforce to see how you can empower your workforce and boost productivity, while keeping corporate data safe.

Sophos Mobile Control

Sophos Mobile Control is the simplest way to enable secure mobile productivity and collaboration for your business. Sophos Mobile Control is a complete stand-alone mobile security solution, while also integrating directly with Sophos UTM and Sophos SafeGuard Encryption to deliver the most comprehensive mobile protection available on the market today.

You can read the original article here.

Mar

Sandstorm comes to Sophos Email Appliance: The next-gen sandboxing that stops targeted attacks

With 95% of targeted attacks beginning with an email, your secure email gateway is vitally important as your first line of defense. Attackers are more frequently using previously-unknown malware to evade traditional protection. While conventional anti-malware protection is still essential as a first line of defense, organizations need additional tools to combat today’s targeted, unknown malware.

Unfortunately, many next-generation solutions designed to deal with unknown threats are too complex and expensive for many businesses to consider. And under-resourced small and mid-sized businesses definitely don’t want yet another point solution to clutter up their network.

That’s why we’re delivering Sophos Sandstorm as an option to Sophos Email Appliance (SEA). Sandstorm is an advanced malware defense solution that complements Sophos security products to quickly and accurately detect, block and respond to evasive threats using powerful, cloud-based sandbox technology.

It’s simple

Easy to try – sign up directly from the product interface
Easy to deploy – simply activate the policy
Easy to manage – all from within your “three-clicks-to-anywhere” interface

It’s effective

Detects threats designed to evade sandboxes that other solutions miss
Simple, efficient policy control
Superior visibility with granular, incident-based reports

It’s cloud-delivered

Rapid deployment – you get instant protection with no hardware to deploy or appliance upgrade needed
Minimal impact on performance – all processing is done in the cloud
Collective intelligence – improved protection based on analysis of threats detected across the broad Sophos customer base

Why should you be interested?

Many organizations recognize the need to take steps to protect their business against unknown threats. What they don’t want is yet another point solution to clutter up their network.

If you want an advanced threat solution that’s easy to try and deploy, simple to manage, and uses the best threat intelligence, Sophos Email Appliance with Sophos Sandstorm checks all these boxes.

Visit sophos.com/sandstorm to learn more about how Sophos Sandstorm works.

Sophos Home automatically protects computers against viruses, phishing websites and malicious downloads. You’ll get an alert in the dashboard about cleaned-up threats, blocked websites, and potentially unwanted applications (PUAs).

You can read the original article here.

Mar

Sandstorm comes to Sophos Email Appliance: The next-gen sandboxing that stops targeted attacks

It’s simple

Easy to try – sign up directly from the product interface
Easy to deploy – simply activate the policy
Easy to manage – all from within your “three-clicks-to-anywhere” interface

It’s effective

Detects threats designed to evade sandboxes that other solutions miss
Simple, efficient policy control
Superior visibility with granular, incident-based reports

It’s cloud-delivered

Rapid deployment – you get instant protection with no hardware to deploy or appliance upgrade needed
Minimal impact on performance – all processing is done in the cloud
Collective intelligence – improved protection based on analysis of threats detected across the broad Sophos customer base

Why should you be interested?

Many organizations recognize the need to take steps to protect their business against unknown threats. What they don’t want is yet another point solution to clutter up their network.

If you want an advanced threat solution that’s easy to try and deploy, simple to manage, and uses the best threat intelligence, Sophos Email Appliance with Sophos Sandstorm checks all these boxes.

Visit sophos.com/sandstorm to learn more about how Sophos Sandstorm works.

You can read the original article here.

Mar

Sophos Home reviews: “Simple,” “amazing” and “awesome”

Sophos Home, our free security solution for the whole family, has been available for a few months now, and the response has been overwhelmingly positive.

The home IT heroes and professional sysadmins who’ve tried Sophos Home have been “very impressed,” with some saying it’s “amazing” that we’re giving everyone a commercial-grade security product for free.

Professional reviewers from respected tech publications like PC Magazine and ZDNet have put Sophos Home to the test and their reviews are equally positive.

Here’s what the reviewers and users of Sophos Home are saying so far.

PC Magazine

“Very good scores from independent labs. Excellent scores in our anti-phishing and malicious URL blocking tests. Simple, clean interface. Powerful remote monitoring and management. Protects Windows or Mac systems.”

PC Magazine gave Sophos Home an Editor Rating of “Excellent,” noting that “labs love it” because of how well Sophos Home performs in third-party anti-malware, anti-phishing and performance tests.

Sophos Home “turned in an excellent performance” in tests measuring how well it blocks malicious URLs of websites hosting malware and phishing sites.

PC Magazine commented favorably on Sophos Home’s ease-of-use and remote management capability, saying the dashboard “exhibits a pleasant simplicity.”

ZDNet

“I’ve been testing Sophos Home for a couple of weeks now and I’ve found it to be easy to use, reliable, and not heavy on system resources. It’s also picked up on every bit of malware that I’ve been able to throw at it. And to top that off, Sophos Home will never nag you to upgrade to a paid product.”

ZDNet’s review remarked on how easy it is to install Sophos Home on your PCs and Macs: just sign up for an account, download Sophos Home, and you’re done!

ZDNet says the ability to manage security for up to 10 computers is an “awesome feature.”

Simply send a link from the dashboard to anyone whose computer security you want to manage (family, friends, neighbors), and you can monitor their security from your Sophos Home account using any web browser.

Users just like you

There’s another feature of Sophos Home that’s getting rave reviews from users – it’s great for protecting your kids with built-in web filtering that allows you to block inappropriate websites.

“Needless to say, Sophos has gone above and beyond again. I love the fact that I can monitor and manage machines right from a web interface. You can actually apply machine specific internet filters as well if you have kids that have their own computer or you don’t want them going to certain sites.” – Brian C., Network Administrator

People just love how easy it is to install and use Sophos Home.

“The download and install is quick and easy and the interface is simple to understand and use. The value of this system is priceless as it protects your computers from the elements out there. Thanks Sophos for making another great product!” – DeWayne N., Small Business Owner

And the fact that Sophos Home is totally free is impressive (and surprising) to many users.

“Super easy to install and an amazing amount of functionality, especially for a free product. You could have easily charged for this, but it’s amazing that you didn’t!! ” – Spiceworks Member Kaiju Nexus

As ZDNet says: “Why pay for a home antivirus solution where you can get excellent protection for absolutely nothing?”

Plus, we’ll never nag you with ads or require you to “upgrade” to a paid version. Free means free!

Visit sophos.com/home to get signed up, and start protecting the whole family.

You can read the original article here.

Mar

Sophos at Mobile World Congress: Securing the Internet of Things

The Internet of Things (or IoT for short) is rapidly expanding to include an unprecedented number of connected devices. All the smart things coming online need to be secured, but sadly, security seems to be low on the list of priorities for IoT manufacturers and developers.

There’s a very broad array of consumer and industrial applications for the IoT: wearables, TVs, thermostats, lighting, security cameras, drug infusion pumps, electricity meters, toys, cars, and much more. What can be done to make sure our devices are safe from snoops and hackers?

James Lyne, Sophos global head of security research, addresses this important issue during a keynote session at Mobile World Congress, taking place the week of 22-25 February.

If you’re attending MWC in Barcelona, check out James’s talk on Thursday 25th February, from 11:00-12:00, in Hall 4 (the Conference Village).

And stop by the Sophos stand, 5H31, in exhibition Hall 5. You can chat with our experts, see demonstrations of our award-winning mobile security and mobility management technologies, and have a chance to grab some of our popular give-aways.

If you can’t make it to MWC, we’ll report back on all the happenings at the show, and we’ll be sharing the results of James’s research into the poor security practices employed by mobile app developers.

Watch James Lyne’s keynote from MWC 2016

Also, watch his fascinating presentation from last year’s MWC 2015.

In the video, you can see James hack into an Android tablet over Wi-Fi to record video and audio, and demonstrate how insecure CCTV cameras that use weak or no passwords can be breached from the other side of the world.

You can read the original article here.

Mar

Sophos. An important announcement about XG Firewall and UTM 9 maintenance releases

Sophos, is pleased to announce the first maintenance release for XG Firewall, with a number of important fixes to improve the operation of your firewall. We also wanted to take this opportunity to outline our release notes strategy for future firewall and UTM releases.

For major feature releases, Sophos will continue to publish notifications here on the Sophos Blog highlighting the new features and capabilities, with links to the complete release notes on the Sophos Community Forums.

For all maintenance releases, Sophos will soon begin publishing notifications and release notes on the Sophos Community Forums only, so we encourage you to subscribe to the community product blogs to keep up with all the latest releases.

You can find XG Firewall release notes in the Sophos XG Firewall Community Blog.

UTM 9 maintenance release notes will similarly be published in the Sophos UTM 9 Community Blog.

Subscribe to email alerts

When using the community forums, be sure to log in using your Sophos ID. Then you can subscribe to the product blogs by turning notifications on in the More menu.

This will alert you via email whenever new articles are posted.

If you don’t have a Sophos ID, you can still subscribe to the blogs via email. Click the Gear icon in the upper right area of the screen to subscribe for updates via email, or bookmark these blogs and check back regularly.

RSS Reader

You may also subscribe in your preferred RSS/Atom feed reader, using the links below.

UTM 9 | RSS | ATOM

XG Firewall | RSS | ATOM

Twitter

Follow us on Twitter: @SophosSupport will begin announcing new firmware updates, and link to this blog. You can also follow @Sophos_news to stay current on the latest news.

If you’re wondering how to do firmware updates or roll-backs on your XG Firewall, we’ve got a new video for you, covering everything you need to know to keep your firewall up to date.

You can read the original article here.

Feb

Sophos. The UTM Elevated 9.4 beta starts…

The much anticipated beta for UTM Elevated 9.4 is now underway. If you’re wondering what’s new with UTM Elevated 9.4 and how it’s elevating protection against targeted and evasive threats, be sure to watch the brief overview video including a demo of the new Sophos Sandstorm sandboxing technology.

You can get access to the downloads and the beta license from this post on the Sophos Community forum.

Please go to the UTM Elevated 9.4 beta forum to offer feedback or to ask questions about the beta.

Here’s a summary of the great new features in UTM Elevated 9.4:

Extending zero-day protection

Today’s hackers are employing more targeted attacks with highly evasive never before seen malware designed to breach security systems to gain access to a company’s resources, credentials and data. So while conventional anti-malware is still a critical first line of defense, it’s no longer enough in combating modern attacks.

Most next-generation sandboxing solutions designed to identify unknown malware are too complex and expensive for most businesses like yours to even consider. That’s why we’ve developed Sophos Sandstorm, a new subscription option that gives you an advanced malware defense solution that’s effective and affordable. Sandstorm is a cloud-based sandbox solution that provides targeted attack protection, visibility and analysis that rises above the competition.

Watch the video:

It’s simple:

Easy to try – sign up through MyUTM and benefit from instant protection
Easy to deploy – simply activate the policy
Easy to manage – through your usual UTM workflow

It’s effective:

Blocks evasive threats – detects threats designed to evade sandboxes that other solutions miss
Policy control – simple, efficient policy control
Visible protection – granular, incident-based reports

It’s cloud-based:

Rapid deployment – instant protection with no hardware to deploy or appliance upgrade needed
Minimal impact on performance – all processing done in the cloud
Collective intelligence – analysis of threats detected across the broad Sophos customer base

And perhaps most importantly, it’s affordable. Sophos Sandstorm will be available in UTM 9.4 as a new Protection Subscription, at a great value price-point compared to competing enterprise solutions in this category. It’s enterprise-grade protection without the enterprise-grade price tag or enterprise-grade complexity.

Expanding the hardware lineup

UTM Elevated 9.4 adds support for a number of new hardware options, further extending our top-performing hardware line up.

SG 85(w) brings new New SG Series Appliances to the low-end of the line. The SG 85 is available in both an integrated wireless (w) model and without wireless. It is ideal for extremely price-sensitive deployments like retail or SOHO. Expected availability of the SG 85(w) is March 2016.

4x10G SFP+ Flexi-Port Module for the 1U SG Series models brings a whole new level of flexible connectivity and performance with four port support for a variety of optical or electrical transceivers. Expected availability is March 2016.

RED 15w adds integrated wireless to the new RED 15 with a single radio supporting 802.11n 2×2:2 MIMO. Expected availability is March 2016 with similar (aggressive) pricing to the new XG 85w.

Enhancing the firmware features

UTM Elevated 9.4 also delivers some of your top-requested features.

WAF Persistent Session Cookies improve the user experience when interacting with business applications protected by the Sophos UTM, reducing repeated sign-in prompts.

IPv6 SSL VPN Support adds much requested support for IPv6 VPN connectivity with the UTM.

Looking beyond

While UTM Elevated 9.4 is a substantial release, it’s one more in what has been, and will continue to be, a great series of updates to this award-winning product. We have even more great plans for this product with UTM 9.5 and 9.6 releases already in the early planning stages, promising to bring you even more value, simplicity and security.

You can read the original article here.

Feb

Sophos Mobile Security For Android Achieves Best Protection Award From AV-TEST Institute

Sophos, a global leader in network and endpoint security, has received the 2015 AV-TEST Best Android Security Award for Best Protection. Over a 12 month period and during six independent tests, Sophos Mobile Security for Android consistently achieved a perfect score for malware and threat detection.

AV-TEST Institute is a globally recognized, independent IT security research firm that benchmarks the effectiveness of security products. The category of ‘Protection’ tests a product’s ability to thwart current threats, including real-time malicious code or the latest malware from unsafe websites and emails. Sophos Mobile Security, which is a free app developed by Sophos for all Android users, demonstrated a consistent detection rate of 100 percent in each of the six test rounds during 2015. In each test, the product was required to scan, detect and remove nearly 3,000 dangerous apps.

“With the Sophos app, a mobile Android system is raised to the highest-possible security level,” commented Andreas Marx, CEO for AV-TEST GmbH.

The Sophos Mobile Security app provides full functionality designed to protect Android devices without reducing performance or impacting battery life. Using up-to-the-minute intelligence from SophosLabs, it scans apps on demand or in intervals set by the user. The antivirus functionality helps to avoid undesirable software that may lead to data loss and unexpected costs. If the device is lost or stolen, a remote lock or wipe will shield personal information from prying eyes. The app is free for use by individuals and business users and can be managed via Sophos Mobile Control within a business environment.

“We are proud to have consistently scored 100 percent against a rigorous testing methodology from a respected research team. Achieving the award for Best Protection is a testament to the skills of our SophosLabs engineers who work on the front lines of threat detection and response,” commented Simon Reed, vice president of SophosLabs at Sophos. “We continue to see a rise in malware targeting mobile platforms, making unprotected mobile devices an easy entry point for malware to enter a corporate network.”

Sophos Mobile Control 6.0

Earlier this month, Sophos announced the availability of Sophos Mobile Control 6.0, a comprehensive enterprise mobility management solution. This latest version now includes Sophos Secure Email, a container solution that isolates and secures business data from personal information on devices. Sophos Mobile Control 6.0 also enhances data protection capabilities and allows IT managers to oversee devices used throughout their organization through a simple interface and intuitive workflows. Further information about Sophos Mobile Control is available at www.sophos.com/mobile.

Sophos Mobile Security along with the full range of free tools from Sophos is available at http://www.sophos.com/forfree.

You can read the original article here.

Feb

Sophos. One simple thing you can do to protect your kids online

Safer Internet Day, organized each year by the Insafe network, is a worthy intiative to promote safer and more responsible use of online and mobile technology by kids and young adults. Similar to Data Privacy Day or World Backup Day, we think Safer Internet Day is a worthy initiative because it raises awareness and helps educators teach people how to be smarter about online risks.

It’s important to teach kids about cyberbullying, oversharing, and practicing good security hygiene (like choosing better passwords, locking smartphones, and avoiding risky websites, emails, messages or texts).

There’s something else you can do to keep your whole family safe, including kids, parents, and even your neighbors and friends. It’s called Sophos Home, and it’s 100% free.

Sophos Home is an easy-to-use free tool that allows you to manage the security of up to 10 PCs and Macs from any web browser. It’s built upon the same security technology that protects millions of Sophos commercial customers, but it’s designed with home users in mind.

Protecting your family and friends is as easy as 1-2-3: just sign up for an account, download Sophos Home on your own computer, and send a link from the dashboard to anyone whose computer security you want to manage.

Once they download Sophos Home, your family and friends’ computers are linked to your Sophos Home account and you can manage their security from the Sophos Home Dashboard.

Sophos Home automatically protects you and your family against viruses, phishing websites and malicious downloads. You’ll get an alert in the dashboard about cleaned-up threats, blocked websites, and potentially unwanted applications (PUAs).

There’s another feature of Sophos Home that’s great for protecting the kids – built-in web filtering allows you to block inappropriate websites in categories that you choose, such as adult websites, gambling, drugs or violent content.

And unlike other home-use security software, we’ll never nag you to upgrade to a paid version or sell your data to third parties.

Visit sophos.com/home to get signed up, and start protecting the whole family.

You can read the original article here.

Feb

Gartner Positions Sophos as a Leader in Magic Quadrant Report for Endpoint Protection Platforms

Sophos, a global leader in network and endpoint security, today announced that Gartner, Inc., has once again named Sophos as a Leader in its 2016 Magic Quadrant report for Endpoint Protection Platforms1 (EPP), a position Sophos has held since 2007.

In the report, Gartner identifies four primary stages in the security lifecycle: setting policy, prevention, detection and remediation, and evaluated EPP vendors based on whether the features their solutions offer address these four stages.

According to the report, “Most enterprise buyers are starting to look at EPP products that can address not only Windows, but a broad array of servers and clients. We evaluated a vendor’s ability to protect and manage a wide array of endpoints (such as Mac, iOS and Android devices), and to integrate those into the management console. Today, many large enterprise buyers are selecting a best-of-breed EMM [Enterprise Mobility Management] capability; however, within the next two years, we expect the EPP market to subsume this function (which is already happening at the SMB end of the market).” In addition to being an EPP Leader, Sophos is also a Visionary in the June 2015 Gartner Magic Quadrant for Enterprise Mobility Management Suites.

“Today’s threats demand advanced technology like Sophos Next-Gen Endpoint Protection, which prevents, detects, remediates and investigates as one solution,” said Dan Schiappa, senior vice president and general manager of Sophos Enduser Security Group. “Our researchers at SophosLabs are seeing an increase in the sophistication of malware – polymorphism is becoming the norm and previously unknown malware is on the rise. These types of threats can only be detected by the integrated capabilities, such as exploit prevention, behavior analytics and pre-execution heuristics, that we have built into our products. We believe Gartner’s continued placement of Sophos in the Leaders quadrant for Endpoint Protection Platforms throughout the last nine years validates our strategy to constantly innovate endpoint protection by introducing industry-firsts, such as synchronized security with the Sophos Security Heartbeat.”

Sophos believes that its next-generation enduser, server and network protection technologies will further its leadership and continue to keep customers protected as threats evolve. “Sophos is one of a very few companies worldwide that have the breadth of solutions and the depth of expertise to truly advance the industry by protecting all platforms,” added Schiappa.

To download a complimentary copy of the Gartner report, click here.

You can read the original article here.

Feb

6 things you’ll love about Sophos Mobile Control 6.0

It’s 2016, so why are we still talking about mobile security like it’s a new thing? Maybe it’s because too many organizations still don’t realize the size of the risk, or they just aren’t aware of what their users are up to.

One of today’s biggest threats to the security and confidentiality of company information is data on the move between employee work and personal devices and cloud services.

According to the analyst and research firm Ovum, two-thirds (66%) of employees say they use personal smartphones for work. Yet when asked what percentage of their users are doing work on personal smartphones, employers are way off the mark, saying just 26% of workers do so.

Sophos has an answer for the new mobile reality, enabling the mobile workforce but securing company data without compromise – Sophos Mobile Control (SMC).

We’re already an industry leader and visionary in enterprise mobility management (EMM). And now I’m excited to introduce the newest version of SMC (6.0), bringing a host of new capabilities to keep your mobile workforce secure wherever they work and however they like to work.

You’re going to love the new SMC. These are the top six things that we think make SMC the best tool for mobile management and security, boosting productivity and user convenience, while giving you complete control.

1. Security and privacy for their data and yours.

SMC offers secure, encrypted containers to keep user and corporate data separate. Users have the convenience of a single device for business and personal use, without compromising corporate data security. Sophos Secure Email protects your business email, calendar and contacts from unauthorized access.

2. Corporate Browser = secure access to corporate websites, without additional passwords!

Push the most used and necessary corporate websites to employees via the Corporate Browser feature. Once a user logs into the Sophos container, they can access corporate websites without an additional password. Convenience and security – it’s a win-win.

3. Don’t wait to collaborate.

Let’s face it, employees are increasingly using personal cloud storage services for easy access to work files. It’s convenient for them, but a liability for you. SMC offers Secure Workspace, giving employees the flexibility they need with safe cloud storage.

Allow your people to easily share files, but keep them top secret. Simply and securely distribute important files to employees on the move. SMC integrates with SafeGuard Encryption for an additional layer of security, so data is protected no matter where it goes.

4. SMC’s no-nonsense approach to non-compliant devices.

Trust, but verify. SMC gives you easy control and enforcement of policies, so you can keep non-compliant devices from accessing company data. Enforce policies for passwords, rooting of devices, and unsafe apps, and quarantine devices with unsecure settings. It’s easier than ever to remote lock and wipe lost or stolen devices. You can also control access to app stores, and restrict access to insecure public Wi-Fi, NFC and Bluetooth.

5. Tell them to “Do it yourself.” Simple self-service frees up IT by reducing requests.

IT admins need a break from constant requests for simple but time-sucking requests, like resetting passwords or configuring corporate email. With our super-simple self-service portal, users can help you by helping themselves.

6. Simple security for mobile productivity.

SMC is more than just a mobility management solution – unlike other EMM solutions, SMC is from an industry-leading security vendor. Easy to integrate with your endpoint, encryption and network security, SMC puts security first, without sacrificing user productivity.

Plus, SMC is easy to deploy the way you want. Manage SMC yourself with our on-premise solution, or have it hosted by Sophos as a service – no installation, and no maintenance required.

The bottom line

Your users are accessing corporate data on their personal mobile devices more and more, creating management and security challenges. But you don’t have to accept that risk, and you can do something about it.

Sophos Mobile Control allows you to keep your users productive while securing all your mobile devices with minimal IT effort.

Try SMC for free at sophos.com/mobile.

You can read the original article here.

Feb

How third-party testing validates Sophos Next-Gen Endpoint Protection

There’s a lot of noise (or confusion) in the market around what “next-gen” endpoint protection actually is. At Sophos, we believe next-gen endpoint protection must deliver an integrated system of prevention, detection and remediation technologies.

The Sophos System Protector does exactly this. It functions as the “brain” of our endpoint protection by automatically applying the best threat protection based on behavior, analytics, heuristics and many other built-in defenses.

Yet all the science and technology in the world is for naught if the protection doesn’t protect. And independent test houses provide the best assessment of how a product will perform in the real world.

Each testing house has a different methodology, and obtaining a balanced view across multiple independent testers is a great way to get an unbiased view of how security products perform in real-world scenarios.

Dennis Technology Labs recently gave Sophos its highest AAA rating, while AV-Test has further verified Sophos leadership. In AV-Test’s most recent round of tests in November-December 2015, Sophos scored a perfect 6 out of 6 for protection – for the fourth time in a row.

We’re delighted to see that both Dennis Technology Labs and AV-Test are rating Sophos so highly.

In contrast, some so-called “next-gen” vendors struggle to keep pace.

In AV-Test’s latest test, Cylance registered a disappointing 29 false positives, compared to an industry average of six, highlighting usability problems in these real-world testing scenarios.

Clearly there’s no replacement for a true “next-gen” endpoint protection solution that delivers in the real world.

You can read the original article here.

Feb

Sophos Delivers Easy-to-Use Security Solutions for Enterprise Mobility Management

Sophos, a global leader in network and endpoint security, today announced the availability of Sophos Mobile Control 6.0, which now includes Sophos Secure Email, a container solution that isolates and secures business data from personal information on devices. Sophos Mobile Control 6.0 also enhances data protection capabilities and allows IT managers to oversee devices used throughout their organization through a simple interface and intuitive workflows.

Within Sophos Mobile Control 6.0 is Sophos Secure Email, a personal information management (PIM) container solution for email, calendar and contacts. Personal and corporate data can be separated, allowing organizations to manage business data security while enhancing user privacy. IT administrators can remotely provision email to employee mobile devices across popular platforms, including iOS, and multiple Android versions.

Also new to version 6.0 is Sophos Secure Workspace which includes Corporate Browser to facilitate safe access to frequently used business productivity sites and applications. Sophos Secure Workspace enables employees to seamlessly access and collaborate on the documents they need, when they need them, in a secure manner. Users also can control levels of access and publishing rights for various cloud storage providers like Dropbox, Google Drive, Microsoft OneDrive and Egnyte. For additional protection, users now can securely move documents and data between mobile devices, cloud storage and corporate endpoints as Sophos SafeGuard file encryption is built in.

With the continued growth in mobile malware, the ability to detect and quarantine infected devices is a growing priority for enterprise mobility management (EMM). In fact, more than 95 percent of attacks today involve harvesting credentials from customer devices and using those stolen credentials to log in to web applications, according to Verizon 2015 Data Breach Investigations Report.

Device security is especially difficult to manage in mid-size enterprises that have widely distributed workforces, yet are resource-stretched. A September 2015 CompTIA study, Managing the Multi-Generational Workforce, showed that nearly half (46 percent) of small and mid-sized businesses have now fully adopted BYOD as a standard practice, as opposed to only 28 percent of large enterprises.

Sophos Mobile Control 6.0 also detects jail-broken or rooted devices, plus malware and potentially unwanted applications (PUAs). The product blocks infected or non-compliant devices from entering the corporate network and automatically blocks malicious or undesirable websites. A recent analysis by third party AV-Test confirmed that Sophos Mobile Control 5.5 detected 100 percent of known Android malware applied during the test period. All of this is done behind the scenes to users so that productivity isn’t sacrificed and critical, confidential data remains private and safe.

Sophos Mobile Control 6.0 is available now from the global network of Sophos certified partners.

You can read the original article, here.

Feb

Sophos. This infographic shows the state of encryption today

Cyberattacks and data breaches have created a lot negative headlines lately. The good news is that the epidemic of cybercrime has led to a growing emphasis on security in general and encryption in particular.

We wanted to find out just how many organizations are using encryption today to protect sensitive data like customer payment details, company financial records, employee records, and intellectual property.

So we worked with a research company to conduct a survey of IT decision makers at organizations large and small, in various industries, and in six different countries.

What we discovered is that the level of encryption in organizations leaves a lot of room for improvement, although there is hope that many companies are moving in the right direction.

You can see the results of our survey in this infographic, and in our encryption survey report. We’ve also put together some free resources, such as videos and guides, to explain how encryption can help you secure your valuable data. Check them out at sophos.com/encrypt.

You can read the original article, here.

Jan

Sophos. Register, set up and get started with your XG Firewall

We designed the new Sophos XG Firewall to meet our high standards for security made simple, and with the admin in mind. It should be comfortable and familiar to anyone with experience using a Cyberoam or Sophos UTM.

However, we want to help you get the most out of your XG Firewall, so we’ve created a comprehensive library of “How-To” videos, including a series of Getting Started and Networking videos.

It makes sense to start at the beginning, with a video about XG Firewall registration and setup. So in this post we’re featuring a short and easy-to-follow video that helps you set up your XG Firewall right out of the box.

The video shows you how to: