Keenan brings more than 20 years of sales and sales management experience to Sophos, including 13 years with SonicWALL, where he most recently built a new sales organization for mid-market accounts and developed the division’s channel strategy. As vice president of North America Sales, Keenan grew the business by fostering key relationships with the company’s channel partners.

“John Keenan is widely respected by the security channel, and I am thrilled to welcome him to Sophos. He brings a proven track record of success in the security space and has winning experience in leading channel and sales teams,” said Michael Valentine, senior vice president of sales for Sophos. “Every day, the Sophos team is working hard to be the preferred vendor in security for the channel and customers. Our products, our people and our partner programs continue to gain industry accolades. In bringing John aboard, we have an ideal leader for continued growth in our North American business.”

“I am excited to join Sophos; the company’s value proposition of ‘security made simple’ clearly resonates with customers and the channel,” said Keenan. “The company’s relentless focus on empowering the channel, a best-in-class portfolio of endpoint, mobile, server and network solutions, and the opportunity to contribute to Mike Valentine’s winning team made my decision to join Sophos an easy one.”

Easy to deploy and simple to manage, Sophos Cloud gives Sophos partners and IT managers at enterprises of all sizes the ability to manage and maintain endpoint security to protect all users, regardless of physical location, via the cloud-based service. The launch of Sophos Cloud is the first step in the company’s aggressive strategy of cloud-enabling its entire portfolio. In addition, Sophos will continue to innovate and extend its ‘on-prem’ security software, providing IT professionals choice in how to best manage IT security in their environment.

Kris Hagerman, chief executive officer for Sophos, said, “Sophos Cloud is the answer to the constant struggle IT teams face in protecting and securing their enterprises. These IT teams may be as small as a single person, but the constant threats and challenges they face could overwhelm an army. To come to their rescue, we’re thrilled to deliver Sophos Cloud – it will be one of our key strategic priorities as we execute on our vision of being the best in the world at delivering complete and powerful IT security to small and mid-market enterprises and organizations of any size looking to simplify their IT security operations“.

With the management console hosted by Sophos Cloud, there is no server set up and service can be deployed instantly, providing complete security coverage everywhere – simply. Sophos Cloud delivers all the essential endpoint protection a company needs without any of the complexity traditionally associated with security management. The service is also consistent with Sophos’ ongoing focus and commitment to be a “Channel First” company.

“The ability to administer our security with Sophos Cloud allows us to better manage our resources and enables us to effectively utilize our time and money. The service was easy for us to implement, and it seamlessly integrated into our environment,” said David Fox, IT Consultant, Neptune Terminals.

“Small and medium businesses are especially challenged regarding IT security. They are targets and must meet security best practices yet are resource constrained,” said Charles Kolodgy, Research Vice President for IDC.

“Sophos Cloud is a welcome addition. Its features can remove some of the complexity tied to security management thus allowing small and mid-market businesses to improve security without taxing their resources”. “As an organization that specializes in IT security and services, M3Corp has had a valuable partnership with Sophos for more than 4 years. Sophos Cloud will help us extend that partnership to quickly deliver cloud security that is easy to deploy and manage, while providing the most efficient and economical security solution to all of our customers throughout Brazil. M3Corp’s partnership with Sophos ensures that our customers will be fully protected from all types of threats,” states Antonio Mocelim, Sales Director, M3Corp.

Availability
Sophos Cloud is currently available. Online 30-day trials are available by visiting: www.sophos.com/cloud

Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) were both designed to help counteract this issue by helping legitimate senders prove that their email isn’t forged.   Now you can implement anti-spam rules in the Sophos Email Appliance that act on the presence or lack of both SPF and DKIM validation and you can even add your own DKIM signatures to outbound mail, providing an added layer of trust to email originating from your organization.

As you would expect, enabling SPF or DKIM policy rules couldn’t be simpler.  With just a couple of clicks you can easily add sender validation using these frameworks to your spam evaluation criteria.

But that’s not all, with v3.8 we’ve also enabled wildcards for selecting sub-domains for  “Select Users” and “Custom Groups” when setting up policy and a few more enhancements.  This release also includes a patch for the OpenSSL man-in-the-middle vulnerability.  You can read all about the updates in the release notes.

Sophos Email Appliance Documentation and Release Notes. Existing email appliance customers will receive this automatically during your next specified update window.

You can read the original article, here.

She writes: “I personally notified the very first bounty recipient via email today that his submission for the Internet Explorer 11 Preview Bug Bounty is confirmed and validated. (Translation: He’s getting paid.)“.

She hasn’t yet named names or put a price tag on the first recipient. In fact, there are already multiple researchers who’ll be receiving bounty payouts. MSRC plans to hook up those researchers who want to be publicly recognized for their contributions on an acknowledgement page on its bounty web site. “Stay tuned, as it will come soon“, Moussouris says.

What Microsoft can share at this point are these two key results:

•     They’re getting more submissions, earlier. Microsoft has received more vulnerability reports in the first two weeks of its bounty programs than it typically would in an average month. It shows that the strategy for getting more vulnerability reports earlier in the release cycle is working, it says.
•     They’re attracting new researchers. Researchers who’ve rarely, or even never, reported directly to Microsoft are now choosing to talk directly to the company. Microsoft interprets that as proof that its strategy to hear from people it usually doesn’t hear from is bearing fruit.

As Moussouris explains it, Microsoft was canny in how it chose to approach the vulnerability market. There’s the black market, where zero-day bugs fetch the highest prices. Then there’s the gray market, where bug-hunting mercenaries make a mint selling information about exploit techniques and unpatched vulnerabilities to corporations and nation states. Microsoft didn’t go there. Instead, it focused on the white market: the place where buyers are after vulnerability information for defensive use, whether it’s vendors themselves (via bounty programs) or a broker who uses the vulnerabilities for their own protection services or threat reports. Moussouris says that three years ago, white-hat bug hunters were passing up cash on the white market and were instead mostly coming to Microsoft directly. That changed over the past few years. Microsoft has witnessed researchers increasingly holding bugs back to see what the going rate might reach on the various markets, typically after Microsoft has released code to manufacturing. The way Microsoft figures it, it’s identified a gap in the market that its new bounty program is filling: namely, in the pre-release, or beta, period.

Moussouris writes: “It’s not about offering the most money, but rather about putting attractive bounties out at times where there are few buyers (if any)… Trying to be the highest bidder is a checkers move, and we’re playing chess“.

There is data out there that bolster Moussouris’ contention that strategically structured, well-timed bounty programs are a good investment. A study recently released by the University of California, Berkeley reports that paying bounties to independent security researchers is a better investment than hiring employees to do it. Piggy and mouse. Image from ShutterstockFor example, Google’s paid out about $580,000 over three years for 501 Chrome bugs, and Firefox has paid out about $570,000 over the same period for 190 bugs. Compare that with just one full-time salaried security researcher digging through code, at, say, $100,000 per year, and the savings can be huge.

You can read the original article, here.

Although it can be exploited in some cases, the good news is that not all implementations can be exploited, and only certain services and applications allow a hacker to exploit this issue. Please see our article on Naked Security for an explanation of the vulnerability itself.

In addition, we have examined our products and we are confident that the Shellshock vulnerability can’t be exploited in any Sophos product. Our IT systems have also been patched or were not vulnerable. For the latest information on how this bug affects Sophos products, please refer to our knowledgebase article from Sophos Support. 

You can read the original article, here.

So here are some tips on how you can use Sophos products to maintain security for your yet-to-be-decommissioned XP systems during the transition period.

1. Run the Sophos endpoint

With the Sophos endpoint you will of course get our award-winning anti-malware scanner, but you’ll also get Host Intrusion Prevention System (HIPS), Application Control, and Patch Assessment (if you are licensed for it).

• Using HIPS is easy and requires no work on your part — HIPS is enabled by default. The guys and gals at SophosLabs are constantly tweaking the detection rules for HIPS to make sure we detect and block exploits of new vulnerabilities.
• By using Application Control you reduce the threat surface further by blocking thousands of applications from running at all.
• Bonus tip: While you are at it, make sure you uninstall any software on your XP systems that isn’t absolutely necessary.
• Our endpoint is also available with Patch Assessment. Use this to find vulnerable software on your XP machines. Missing patches will be listed in order of priority starting with the most critical (currently exploited), making it easy for you to decide where to start.

2. Use Sophos Client Firewall

Sometimes overlooked, the client firewall allows you to really lock down the machine as much as you like — to the point of making it near unusable if you so wish!

• Train the firewall to only allow traffic to and from your known good processes.
• You can also enable checksumming  to identify known processes. It’s more secure, but will require more work from your side to maintain.
• You can also manage ICMP request to stop the system from responding to Ping requests.

Learn more about Sophos products

Those are the choices for the top two technologies you really should consider for any remaining XP systems. There are more  you can use. I haven’t mentioned Device Control, Data Control, Web Control or Full-Disk Encryption — they all play a part in endpoint security. Or you may want to take it one step further and take full control of the network traffic using our SG Series network appliances. Your requirements will of course vary. In any case, we will have a product that can help you stay secure and it will be as easy as possible to implement.

You can read the original article here.

This joint solution provides a highly efficient, scalable and effective network-based platform for service providers and enterprise networks. In turn, they can deliver increased levels of security to their consumer, business and internal customers without any need for end-device software or new network elements.  Utilizing DNS, a lightweight, multi-network, multi-end device protocol, this solution is available for both fixed (xDSL, Cable, NBN) and wireless networks offering protection for PCs, tablets, smartphones, wireless dongles, games consoles, and any IP- enabled device.

“Sophos provides threat intelligence feeds to our network, gateway and endpoint security products. Our partnership with Nominum extends this intelligence to the DNS level, offering security in the core operations of the network,” said Stuart Fisher, Managing Director, Sophos APAC. “SophosLabs identifies more than 30,000 new malicious URLs daily. By adding intelligence from the DNS into the equation, the joint Nominum–Sophos solution offers maximum protection for all network users.”

“Both our companies are highly committed to making the Internet a safer, more secure place for users. Considering the value this partnership will bring into our core markets such as Australia, New Zealand, Singapore, ASEAN, China and India, we anticipate we will see a high-level of adoption.”

“By joining our partner ecosystem, Sophos and Nominum can provide increased protection to Internet users across multiple platforms,” said Brian McElroy, Vice President of Business Development, Nominum.  “A joint Nominum-Sophos security solution offers near real-time (zero day) in-network protection, like the Interpol-fed Nominum Content Blocking solution deployed in Australian carrier networks, which protects Internet users from child sexual exploitation content. Adding this new policy and protection in-network from malicious threats makes great sense.”

This list was conceived to put a spotlight on the professionals driving one of the most important customer segments in the industry today. These executives were nominated by peers, colleagues, customers and partners because of the strong relationships they have built with midmarket customers, for their leadership, strategic thinking and solution excellence they demonstrate. Valentine was also named a “top disrupter,” a listing of the 25 executives who shook up the IT industry this year.

Kris Hagerman, chief executive officer for Sophos, said, “Mike has been with Sophos for less than a year, but he’s already making an enormous impact. As the architect and driver of our “Channel First” sales strategy, Mike has enabled Sophos to make major strides to work better and more closely with the channel than ever before. Mike is well-known by the channel as a great leader, recruiter and winner. We’re thrilled to have Mike at Sophos leading our global sales team, and this validation from CRN and our partners provides added evidence that we’ve become the leading choice for delivering complete IT security without complexity.”

Commentary from the Sophos Channel
“Our partnership with Sophos allows us to provide comprehensive security solutions for clients, datacenters, and the cloud. We are excited about the leadership and direction Mike brings to Sophos,” said Stephen Perciballi, Security Category Leader, Datacenter Group, Softchoice.

“Sophos’ commitment to the channel is impressive. It has an outstanding partner program and excellent IT security value proposition with award-winning security solutions that are simple to implement and simple to use. Combined with its determination to help partners like us grow our business, Sophos is delivering on his channel first promise,” said Jez Turner, Sales Director, Foursys. Foursys is a specialist in IT security solutions, with over 16 years’ experience and more than 900 customers in the UK.

And, as an IT professional, I faced the same challenge in all of these roles: SMBs have many of the same infrastructure needs as larger enterprises, but I didn’t have the time, budget or expertise to implement enterprise technology. Antivirus is a great example.

When I worked at an educational non-profit organization, we had a couple hundred users and a fast-changing environment. We had students doing who-knows-what with the classroom computers, limited Internet bandwidth that was often brought to its knees by people watching streaming video during peak usage times, and an Executive Director who wanted to use his Blackberry for work.

I was familiar with technologies like device control, host-based intrusion prevention systems (HIPS), web content filtering, and mobile device management. But who had the time or budget to research, acquire, learn, configure and maintain each of these systems?

Like most SMB IT professionals, I was left with a choice: attempt to implement one or more complex enterprise solutions as best I could, or I could compromise on the features and integration by selecting a hodgepodge of “small business” products. Goodbye Active Directory sync and HIPS! Hello separate web filtering, antivirus and mobile solutions!

It is no exaggeration to say that if someone had showed me Sophos Cloud back then, I would have thought it was an April Fool’s prank. No server and console to configure and install? Enterprise-class technology that is both affordable and easy to use? Everything integrated into a single intuitive interface?

Surely that’s not possible! And, to be fair, it wasn’t possible back when I was working in IT. But today it is.

About Sophos Cloud

Sophos Cloud provides everything you need to manage security for all of your organization’s end user devices: Windows, Mac and mobile. From device control to HIPS, Active Directory sync to web content filtering, it’s all there.

More importantly, it’s designed to give you enterprise-level protection with Sophos’s trademark simplicity. It’s almost enough to make me wish I was working in IT again.

Try it out today. You’ll be up and running with the 30-day free trial in just 60 seconds.

You can read the original article, here.

Some recent industry estimates report that as many as 96 percent of organizations now have employees who use both corporate-managed and personal mobile devices for work purposes, forcing IT to adopt new strategies to protect their data on those devices. Even though huge numbers of smartphones and tablets are lost every day, many users don’t enable even basic password protection.

Mobile malware and hacking is on the rise and many workers are still using unsecured personal mobile devices to access corporate data—a major concern for organizations trying to protect data while letting users work how they want.

Sophos Mobile Control provides the complete security that IT requires to confidently embrace employee device mobility. This latest version delivers Windows Phone 8 support alongside iPhone/iPad and Android, with self-enrollment and self-service capabilities for users, and allows IT to manage the complete device lifecycle as well as loss & theft scenarios.

Also included is an easy-to-use client app, which provides access to compliance status, messages and support information—allowing for comprehensive reporting and giving IT a holistic view of devices. Simpler administration is delivered by an updated menu, dashboard and various other workflow improvements. The SaaS version of Sophos Mobile Control 3.5 delivers better integration into corporate IT with a new remote Exchange ActiveSync (EAS) Proxy that enables organizations to block non-compliant devices from receiving email, and remote LDAP support that allows users to easily connect to Active Directory.

You can read the original article, here.

1. Always secure your smartphone with a password

One of the most basic security tips, but one which is sometimes completely overlooked! Having no access protection at all is just foolish. Swipe patterns are ok, but greasy finger-trails could reveal too much. A four-digit PIN is an improvement but using a strong passcode is the ideal phone protection.

2. Ensure that your device locks itself automatically

If you set up password-protection on your phone but then leave it unlocked on your desk for 15 minutes, you won’t have achieved very much. Most smartphones allow you to set them up to automatically lock themselves after a period of inactivity. Make sure you choose the shortest timeout you are comfortable with. Two to five minutes is better than ten to thirty, even if it does feel slightly inconvenient.

3. Install security software

Your smartphone is a computing device and should be protected accordingly. Look for an app like Sophos Mobile Security that includes malware prevention, remote data wipe, privacy review of apps and an automatic security advisor to alert you to potential risks when you change a device setting. If you’re in charge of securing your organisation’s phones and tablets, then choose a mobile device management solution like Sophos Mobile Control.

4. Only download apps from approved sources

The Google Play Store and Apple’s App Store take security pretty seriously. They are very careful about what apps they make available and will withdraw apps that raise concerns after release. Read user reviews of apps before installing them – if there are any security concerns then someone else may well have mentioned them.

5. Check your apps’ permissions

Apps. Image courtesy of Shutterstock.Many apps require more than the basic default permissions. For instance, you can reasonably expect an SMS app to send and receive text messages just as a mapping app will request your GPS location. But something like a calculator that needs network access or an alarm clock that wants to read your contact database should be treated with extreme caution!

6. Don’t miss operating system updates

Updates to your OS often include system vulnerability patches, so it’s important to install them. You might want to be advised of updates rather than having them automatically installed, as early adopters sometimes experience teething problems – but the forgetful among you may prefer that to missing updates altogether.

7. Be wary of any links you receive via email or text message

Now you can pick up email on your phone, exercise caution when clicking on links. And phishing scams are not limited to email – a text message can incite you to click on a dodgy link or ask for personal information. Even simply replying to unknown SMS or email senders can raise the crooks’ interest in you, leading to more pressure to respond.

8. Encrypt your smartphone

Even if you’ve secured your smartphone with a password, a thief could still plug your device into a computer and gain access to all of your personal information. Using encryption on your smartphone can help to prevent such data theft.

9. Turn off automatic Wi-Fi connection

WiFi. Image courtesy of ShutterstockOne of the great things about modern mobile phones is their ability to connect to the internet in many ways, but continually probing for wireless networks gives away information about your identity and location, and blindly connecting to unencrypted access points can let your phone leak all sorts of useful things for malicious actors to intercept and act upon. So tell your phone to forget networks you no longer use, so as to minimise the amount of data leakage and configure your phone to automatically turn on/off wireless in certain places using a location-aware smartphone app.

10. Turn off Bluetooth and NFC when not in use

Bluetooth and NFC (near field communication) are great in terms of connectivity, allowing you to use accessories such as wireless keyboards and headsets or make payments with a wave of your smartphone. But it does open a door for the bad guys to gain access to your device and access your data, so you should either switch these features off or put your device into “not discoverable” mode whenever possible. Also, be careful when pairing devices – never accept requests from unknown devices.

You can read more here.