Microsoft Outlook users have various options at their disposal for archiving emails. The quickest of these is the archive button as it is built into Outlook’s menu bar and can be accessed without having to call the administrator.

Have you ever used the archive button? Have you ever clicked on it by mistake when trying to delete an email? Or have you made a conscious decision to use it? Some do find it useful, but we reckon it can lead you astray. Because you don’t need to be an expert in email archiving to know that the archive button doesn’t come close to meeting the requirements expected of a professional archiving product when it comes to processing emails.

Archiving Emails with the Outlook Archive Button – How It Works

So, what does the archive button do? Essentially, it lets you move an email from your inbox to an archive folder. But since this folder is also in Outlook, all you’re actually doing is changing the storage location for your emails. So, while Microsoft may call this option “archiving”, it doesn’t satisfy the criteria a professional email archiving solution should. By definition, an archive is the final storage place of documents at the end of a chain of prior usages; as such, it must be capable of retaining this material permanently, e.g. via special safeguards. Today, the EU GDPR and other such legal requirements mean that email archiving has become quite a complex matter in everyday corporate practice. At the same time, an archive’s job is to ensure that all its records – in this case, emails – remain available at all times.

The Downside of Using the Outlook Archive Button

If you want to archive your emails professionally or are obliged to do so for legal reasons, using the archive button does entail certain risks.

The archive button is not suitable for

• guarding against data loss, as it does not safeguard emails from manipulation or deletion;
• potentially reducing the volume of data in a mailbox, as the archive folder is located within the Outlook mailbox;
• ensuring that email data remain permanently available, as emails will no longer be accessible if Outlook fails.

The archive button is only suitable for keeping an inbox visually lean. When you use the archive button, you are moving old emails out of your field of vision into an archive folder. You can use Outlook’s search function to find old emails, including those that you have moved to the archive folder.

What Other Mail Archiving Options Does Microsoft Offer?

The primary objective of any professional email archiving solution is to ensure that email data remain retrievable and, thus, permanently available over time. To do this, the archiving solution stores copies of all emails in a central archive, thus guaranteeing the availability and security of data over many years.

So, although Microsoft does provide various applications in its Outlook, Exchange Server and Microsoft 365 products in connection with email “archiving”, they either do not – or only partially – fulfill the objectives of a professional email archiving solution.

• Archiving PST Files / AutoArchive (Outlook)
  Users can move emails to PST files and store them locally on their own computer or in the cloud.

• Archive Mailbox without Exchange Online Archiving
  The archive mailbox is a separate mailbox with its own storage to which emails can be moved. This archive mailbox must be set up by an administrator.

• Archive Mailbox with Exchange Online Archiving
  With Exchange Online Archiving (EOA), users can move their emails to a separate archive mailbox to which administrators can apply their own archiving and retention policies.

Why You Should Use an Independent Email Archiving Solution

At first glance, it may seem beneficial to have email archiving functions and the email client on the same platform. Generally, however, the email archiving options available in Microsoft do not satisfy the requirements of a professional email archive.

PST files or the archive button offer no real protection against data loss when it comes to storing emails in a safe and secure environment. Likewise, the separate archive mailbox possible in M365 (when not using Exchange Online Archiving) does not fully meet the criteria of a professional email archiving solution. Only the archive mailbox that comes with Exchange Online Archiving (EOA) has the functions and features required for professional email archiving, such as retention policies, legal holds and eDiscovery options. But since Exchange Online Archiving is included only in the more expensive Business Premium and Enterprise M365 plans, this is not normally an option for small or medium-sized companies due to their financial constraints.

A professional, independent email archiving solution, on the other hand, offers a wide range of functions at a reasonable price and is, therefore, more suitable for SMEs.

Below are some of the key benefits of an independent email archiving solution.

Independence from Microsoft

Without an external email archive, users will not be able to access their emails if the Microsoft 365 service fails. Using an external email archive will ensure that a vendor lock-in is avoided and that the company’s emails remain accessible even if M365 fails.

Self-Service for the End User

Users not only have a fast and efficient archive search function at their disposal – they can also restore archived mails quickly and simply without having to call on the services of a system administrator.

Protection Against Data Loss and Manipulation

Emails, once in the archive, cannot be deleted or modified by the user. Only an administrator can define how long emails should be retained within the system. Journaling ensures seamless archiving.

Compliance with Privacy Laws

When used appropriately, certified email archiving solutions ensure that emails are processed in line with the pertinent data privacy laws. Especially since the EU’s DSGVO came into force, data privacy has become a key focus of public attention.

Reasonable Total Cost of Ownership (TCO)

An independent email archiving solution offers a wide range of functions at a reasonable price. Small and medium-sized enterprises (SMEs), in particular, can benefit from this and do not have to resort to expensive enterprise solutions.

Takeaways – The Outlook Archive Button Cannot Archive Emails Professionally

The archive button delivers much less than its name suggests. In certain circumstances, it could save time by eliminating the need to manage numerous subfolders in an inbox; but it cannot satisfy the criteria expected of a professional email archiving solution. Our two free white papers explain in detail which email archiving options are available in Microsoft 365 and Microsoft Exchange Server, and which are the most suitable for your needs.

Source: MailStore

We are delighted to announce that Sophos has been named a Leader in the 2023 Gartner® Magic Quadrant™ for Endpoint Protection Platforms (EPP), marking our 14th consecutive recognition as a Leader in this category.

A Leader for the fourteenth consecutive time

This year’s report provides readers with a comprehensive evaluation of the industry’s most prevalent endpoint prevention, endpoint detection and response (EDR), extended detection and response (XDR), and managed detection and response (MDR) offerings.​

Sophos has been recognized in the Gartner® Magic Quadrant™ for Endpoint Protection Platforms (EPP) since its inaugural publication in 2007, and we believe our continued focus on a protection-first approach is a key factor contributing to our continued position as a Leader in this evaluation. While the threat landscape has evolved, Sophos has continued to keep organizations of all sizes ahead of even the most advanced attacks, with customers benefiting from recent industry-first innovations such as Adaptive Attack Protection, which dynamically enables heightened protection in response to the detection of an active adversary on endpoint devices.

Accelerating detection and response with extended third-party compatibility

We have significantly enhanced our XDR and MDR offerings in 2023, including additional integrations with an extensive range of third-party security tools, including identity, network, firewall, email, cloud, productivity, and endpoint security solutions.

Third-party integrations for Sophos XDR and MDR provide greater visibility of threats across all key attack surfaces and enable organizations to get a higher ROI from their existing technology investments. Security detections from Sophos and non-Sophos products are created, ingested, filtered, correlated, and prioritized – providing more value from third-party tools​ than solutions that only use telemetry to enrich existing endpoint detections.

Sophos has also extended MDR service coverage across the full suite of Microsoft security solutions. Over 500 Sophos security experts deliver 24/7 monitoring, investigation, and human-led response for organizations that have invested in the Microsoft security suite.

Gartner® Peer Insights™ Customers’ Choice

Our Gartner Magic Quadrant for EPP recognition follows Sophos being named a Gartner® Peer Insights™ Customers’ Choice for Endpoint Protection Platforms for the second consecutive year and Customers’ Choice for MDR in the first-ever report in this segment​. Sophos was also one of only ten vendors recognized in the 2023 Gartner Market Guide for XDR. We believe these Gartner recognitions are a testament to the quality of the protection and service we provide to Sophos customers.

To find out why Sophos was named a Leader in the Gartner® Magic Quadrant™ for Endpoint Protection Platforms for the fourteenth consecutive time, read the full report at https://www.sophos.com/en-us/report/magic-quadrant-endpoint-protection-platforms.

Source: Sophos

We’d like to present a new version of our email archiving software today: Version 23.4 of MailStore Server, the MailStore Service Provider Edition (SPE), and MailStore Home is now available. Read this blog article to get all the details on the new features and availability of our email archiving solutions.

New Features in MailStore Version 23.4

MailStore V23.4 has many new features that administrators and users of our email archiving solutions MailStore Server, MailStore SPE and MailStore Home can look forward to. These are the new features in detail:

Archiving of NDRs From an Alternate Journaling Mailbox

This feature facilitates data recovery for customers of MailStore Server and the MailStore Service Provider Edition using Microsoft 365 / Exchange Online in cases where a MailStore Gateway was unavailable and NDRs (Non-Delivery Reports) were sent to a fail-over mailbox (or an alternate journaling mailbox). In cases like these, MailStore was unable to extract the journal report from the NDR until now. By adding another archiving profile, journal reports embedded in NDRs can now be automatically imported to your MailStore archives. This avoids cumbersome resending and thus enhances the usability and overall reliability of your archiving solution. We recommend setting up two separate MailStore Gateways, one for the journaling mailbox and the second one as an alternate mailbox to benefit from this enhancement.

Deleting Flagged Emails

With this new MailStore version it is now possible to remotely delete an email in your email server mailbox, even when a user had flagged it in their mailbox, e.g. in Outlook. In previous versions, MailStore has generally never removed any flagged emails from the email server unless they were marked as “completed”. The logic behind this policy is that flagged emails may require follow-up work by a user. However, practice shows that MailStore admins still want to remove such emails for a variety of reasons. This option is now available in MailStore Server, the MailStore Service Provider Edition and MailStore Home for all M365 and Exchange archiving profiles as well as all IMAP-+ based archiving profiles (generic IMAP; Gmail, Google Workspace, MDaemon, Icewarp, Kerio).

Enhanced Archiving Profiles

This enhancement gives admins more flexibility when defining archiving profiles. While you might typically want to archive all emails or emails older than a certain date, there are cases where you will need to archive just those emails that were created after a certain date. For instance, this is useful if you have 15+ years of email history, but only want to archive emails created over the last 10 years. The new filter option within the archiving profiles is also useful if you want to migrate archives. This feature is now available in MailStore Server, the MailStore Service Provider Edition and MailStore Home.

API Improvements

We have made enhancements to the APIs of MailStore Server and the MailStore Service Provider Edition that help administrators to better monitor a MailStore installation (GetWorkerResultReport) and upgrade all archives stores (UpgradeStores). In addition, MailStore Server administrators can now use the API to replace server certificates (SetServiceCertificate).

Other Improvements

With Simple Authentication and Security Layer (SASL) for IMAP multi-mailbox archiving, you can now select various user id formats. Improved auto-discovery for Microsoft 365 facilitates the archiving of public folders. In addition, there are several security updates and bugfixes.

Finally, we want to advise you that Windows Server 2012 and 2012 R2 have reached end of support at Microsoft and thus cannot be supported by MailStore either. We recommend an upgrade if you are still using such EOL servers. Additionally, support for Exchange Server 2003 has finally been removed.

Updated Certification: Meeting Data Privacy Requirements

As usual, the latest version of our software, Version 23.4 of MailStore Server and the MailStore SPE, has been certified by an independent data privacy expert.

The certification takes into account all relevant aspects of the European General Data Protection Regulation (GDPR) and affirms that, when used appropriately, both MailStore Server and the MailStore SPE meet all the requirements governing the processing of personal data set out in the GDPR.

You can request a copy of the official GDPR audit certificate from sales@mailstore.com.

Registered MailStore partners can download the certificates from our Partner Portal or request it by email from partners@mailstore.com.

Availability

You can download the new version of MailStore Server, the MailStore Service Provider Edition, MailStore Home and MailStore Gateway free of charge from our website.

If your MailStore Server Update & Support Service has expired, please contact us to purchase an upgrade that will allow you to use the latest version of MailStore Server. Read here to find out about other good reasons for having an active Update & Support Service in place.

Interested companies can also download MailStore Server Version 23.4 as part of a free, 30-day trial. If you are an MSP and are interested in offering email archiving as a service based on the MailStore SPE, please contact our sales team at partners@mailstore.com. Alternatively, you can sign up as an authorized MailStore Partner with us right now for free.

Source: MailStore

G2 just released their Winter 2024 Reports, and Sophos is the only cybersecurity provider named a Leader across the G2 Grid® Reports for Endpoint Protection Suites, Endpoint Detection and Response (EDR), Extended Detection and Response (XDR), Firewall Software ,and Managed Detection and Response (MDR). This latest recognition makes Sophos the only vendor named a Leader in these five key cybersecurity categories through all G2’s 2023 Seasonal Reports. Additionally, G2 users also rated Sophos the #1 overall MDR and Firewall solutions once again.

Independent Sophos Customer Validation

G2 distinctions and rankings are based on independent, verified customer reviews on G2.com, the world’s largest software marketplace and peer review platform. In G2’s Winter 2024 Reports, Sophos was named an Overall Leader in five categories, as well as a Leader in 14 individual market segment Grids:

• Endpoint Protection Suites: Overall, Mid-Market, and Small Business Grids
• EDR: Overall and Mid-Market Grids
• XDR: Overall and Mid-Market Grids
• Firewall: Overall, Enterprise, Mid-Market, and Small Business Grids
• MDR: Overall, Enterprise, and Mid-Market Grids

We are honored that our customers have recognized our services and products, and we thank them for putting their trust in us.

Delivering Defense in Depth for Today’s Businesses

As adversaries have become more sophisticated and elusive, defenders should implement a defense-in-depth strategy that includes protection, detection, and response at every point along the attack chain to cover their entire environment. This layered approach should be inclusive of endpoint, network, email, and cloud security, as well as threat hunting and remediation services by security experts.

The fact that IT and security professionals recognize Sophos as the Leader across these key categories is validation that Sophos delivers the best and most comprehensive set of products and services required for modern day cybersecurity.

Uniquely, all Sophos customers are protected by Sophos X-Ops, a joint task force that brings together deep expertise across the attack environment from frontline threat hunters and incident responders to deep malware and AI specialists. Together they provide unparalleled insights into how threats are built, delivered, and operate in real time. Armed with this deep understanding, Sophos is able to build innovative, powerful, and effective defenses against even the most advanced threats.

Additional Sophos Customer and Analyst Validation

Alongside our G2 recognition, Sophos solutions are widely recognized by customers and the analyst community, including:

Sophos Endpoint

• Named a Leader in the 2022 Gartner® Magic Quadrant™ for Endpoint Protection Platforms for the 13th consecutive time
• Named a 2023 Gartner® Customers’ Choice™ for Endpoint Protection Platforms with a 4.8/5 customer rating on Gartner Peer Insights

Sophos Extended Detection and Response (XDR)

• Recognized as the #1 overall leader in the Omdia Universe for Comprehensive Extended Detection and Response (XDR)
• Delivered exceptional results in the 2023 MITRE Engenuity ATT&CK Evaluations (Round 5: Turla).

Sophos Firewall

• Named a 2023 Gartner® Customers’ Choice™ for Network Firewalls with a 4.7/5 rating on Gartner Peer Insights
• Recognized as a Strong Performer on the Forrester Wave

Sophos Managed Detection and Response (MDR)

• Named a 2023 Gartner® Customers’ Choice™ for Managed Detection and Response Services with a 4.8/5 rating on Gartner Peer Insights
• Top performer in the 2022 MITRE Engenuity ATT&CK Evaluation for Managed Services

Select Customer Reviews

Sophos MDR is a must. My team is small, and it’s great knowing if we’re all busy putting out IT fires, MDR is ready to take action if my team is unable to respond immediately to suspicious activity. This is much better than relying on alerts that we need to investigate. Of course, we have alerts enabled, but setting the thresholds for the alerts is nearly impossible. The alerts are either not sensitive enough and we’ll miss something important, or the alerts are too sensitive and we receive too many to investigate. Sophos MDR didn’t just solve this problem; it completely removed it. More.

The 24/7 threat-hunting service from Sophos MDR stands out as a feature of utmost importance, providing around-the-clock vigilance and prompt reaction to emerging threats. Its true value lies in the managed remediation process – unlike other solutions that merely notify, Sophos steps in to effectively stop and rectify the issue and then informs us about the incident. This proactive and hands-on approach is what sets Sophos MDR apart and makes it a highly appreciated solution. More.

“…a real threat for hackers !!! [Intercept X] is easy to use and has a lot of the world’s best technologies. CryptoGuard feature is the essential feature. More.

[Intercept X] provides a comprehensive solution with AI and machine learning-based detections and prevention. More.

Overall, Sophos Firewall is a robust security solution that offers advanced threat protection, easy management, and granular control over your network traffic. Its features help you secure your network, improve network performance, and prevent cyberattacks, making it an ideal choice for businesses of all sizes. More

Sophos Security Portfolio

Sophos’ portfolio of managed security services and solutions – including Sophos MDR, Sophos Intercept X, Sophos XDR, and Sophos Firewall – are part of the Sophos Adaptive Cybersecurity Ecosystem where they share real-time threat intelligence for faster and more contextual and synchronized protection, detection and response. They’re powered by Sophos X-Ops threat intelligence, a cross-operational task force of more than 500 security experts within SophosLabs, Sophos SecOps and SophosAI.

Solutions are easily managed in the cloud-native Sophos Central platform, where users can oversee installations, respond to alerts and track licenses and upcoming renewal dates via a single, intuitive interface. Organizations can also leverage Sophos MDR as a comprehensive threat hunting and remediation service. Free trials are available at Sophos.com. Any organizations under active attack and needing urgent support, should contact the Sophos Incident Response team. For timely information about threat intelligence and attacker behaviors, follow Sophos X-Ops’ latest research.

Source: Sophos

Fortra’s Terranova Security’s chief information security officer explains the dangers associated with the advancement of AI and how businesses can better prepare against attacks.

The rise of artificial intelligence is being accompanied by a rise in consciousness of the risks to cybersecurity. 

“Hackers are utilising AI to develop more advanced attacks and evade detection from security tools,” says Theo Zafirakos, chief information security officer at Fortra’s Terranova Security. “Businesses need to be aware of the various ways that hackers may manipulate them, from malware designed to bypass detection to more sophisticated and targeted phishing attacks.”

For instance, scammers are now exploiting AI technology to impersonate people by creating voices that convincingly portray victims’ coworkers. This phishing technique can deceive employees into providing sensitive information.

AI can also be used to gather sensitive data. “Every industry is grappling with an enormous amount of data,” says Zafirakos. “Attackers are employing AI to analyse and collect data more quickly. Healthcare providers, manufacturers and financial services organisations handle large amounts of data to drive innovation and inform decision-making. Bad actors will target that sensitive data to either disrupt operations or gather further information.”

There are steps that organisations can take to protect themselves. One of the most important is cybersecurity awareness training, which can enhance an enterprise’s ability to identify and mitigate AI-related security threats.

“As with any other cybersecurity concern, knowledge and proper employee education are the best defence,” says Zafirakos. And AI can be put to good use here. “Chatbots can be employed to educate users on how to protect their devices and personal information. Similarly, machine learning on employee awareness levels can be utilised by team leaders to identify gaps in employee knowledge of security awareness.”

Furthermore, employees can learn to detect AI-enabled or AI-generated attacks and avoid falling victim. They can also learn about the acceptable use of AI tools for business operations in the process, such as enhancing productivity. For example, they can learn to fact-check emails through phishing awareness training and avoid opening unsolicited software that could be AI-generated malware.

“Detection and prevention technologies, such as intrusion protection systems and intrusion detection systems, and user-behaviour analysis can monitor and alert users to any suspicious activity on their networks or devices in real time,” explains Zafirakos. “AI can also be used to automate threat responses to swiftly mitigate damage and prevent its spread to other infrastructure components. This will significantly reduce the costs associated with data protection, awareness training and data-breach responses.”

As AI continues to evolve, organisations must take proactive measures to stay ahead of emerging threats and vulnerabilities.

“Understanding how AI can disrupt or improve an organisation is essential for successful operations,” says Zafirakos. “I urge business leaders to establish an internal acceptable use policy for AI tools so that employees can enhance their workloads, and to incorporate content related to AI risks and threats within their security awareness programmes so that everyone is equipped to protect against AI-related attacks.”

Source: Fortra and Technology Record

Generative artificial intelligence technologies such as OpenAI’s ChatGPT and DALL-E have created a great deal of disruption across much of our digital lives. Creating credible text, images and even audio, these AI tools can be used for both good and ill. That includes their application in the cybersecurity space.

While Sophos AI has been working on ways to integrate generative AI into cybersecurity tools—work that is now being integrated into how we defend customers’ networks—we’ve also seen adversaries experimenting with generative AI. As we’ve discussed in several recent posts, generative AI has been used by scammers as an assistant to overcome language barriers between scammers and their targets generating responses to text messages as an assistant to overcome language barriers between scammers and their targets, generating responses to text messages in conversations on WhatsApp and other platforms. We have also seen the use of generative AI to create fake “selfie” images sent in these conversations, and there has been some use reported of generative AI voice synthesis in phone scams.

When pulled together, these types of tools can be used by scammers and other cybercriminals at a larger scale. To be able to better defend against this weaponization of generative AI, the Sophos AI team conducted an experiment to see what was in the realm of the possible.

As we presented at DEF CON’s AI Village earlier this year (and at CAMLIS in October and BSides Sydney in November), our experiment delved into the potential misuse of advanced generative AI technologies to orchestrate large-scale scam campaigns. These campaigns fuse multiple types of generative AI, tricking unsuspecting victims into giving up sensitive information. And while we found that there was still a learning curve to be mastered by would-be scammers, the hurdles were not as high as one would hope.

Using Generative AI to Construct Scam Websites

In our increasingly digital society, scamming has been a constant problem. Traditionally, executing fraud with a fake web store required a high level of expertise, often involving sophisticated coding and an in-depth understanding of human psychology. However, the advent of Large Language Models (LLMs) has significantly lowered the barriers to entry.

LLMs can provide a wealth of knowledge with simple prompts, making it possible for anyone with minimal coding experience to write code. With the help of interactive prompt engineering, one can generate a simple scam website and fake images. However, integrating these individual components into a fully functional scam site is not a straightforward task.

Our first attempt involved leveraging large language models to produce scam content from scratch. The process included generating simple frontends, populating them with text content, and optimizing keywords for images. These elements were then integrated to create a functional, seemingly legitimate website. However, the integration of the individually generated pieces without human intervention remains a significant challenge.

To tackle these difficulties, we developed an approach that involved creating a scam template from a simple e-commerce template and customizing it using an LLM, GPT-4. We then scaled up the customization process using an orchestration AI tool, Auto-GPT.

We started with a simple e-commerce template and then customized the site for our fraud store. This involved creating sections for the store, owner, and products using prompting engineering. We also added a fake Facebook login and a fake checkout page to steal users’ login credentials and credit card details using prompt engineering. The outcome was a top-tier scam site that was considerably simpler to construct using this method compared to creating it entirely from scratch.

Scaling up scamming necessitates automation. ChatGPT, a chatbot style of AI interaction, has transformed how humans interact with AI technologies. Auto-GPT is an advanced development of this concept, designed to automate high-level objectives by delegating tasks to smaller, task-specific agents.

We employed Auto-GPT to orchestrate our scam campaign, implementing the following five agents responsible for various components. By delegating coding tasks to a LLM, image generation to a stable diffusion model, and audio generation to a WaveNet model, the end-to-end task can be fully automated by Auto-GPT.

• Data agent: generating data files for the store, owner, and products using GPT-4.
• Image agent: generating images using a stable diffusion model.
• Audio agent: generating owner audio files using Google’s WaveNet.
• UI agent: generating code using GPT-4.
• Advertisement agent: generating posts using GPT-4.

The following figure shows the goal for the Image agent and its generated commands and images. By setting straightforward high-level goals, Auto-GPT successfully generated the convincing images of store, owner, and products.

Taking AI scams to the next level

The fusion of AI technologies takes scamming to a new level. Our approach generates entire fraud campaigns that combine code, text, images, and audio to build hundreds of unique websites and their corresponding social media advertisements. The result is a potent mix of techniques that reinforce each other’s messages, making it harder for individuals to identify and avoid these scams.

Conclusion

The emergence of scams generated by AI may have profound consequences.  By lowering the barriers to entry for creating credible fraudulent websites and other content, a much larger number of potential actors could launch successful scam campaigns of larger scale and complexity.Moreover, the complexity of these scams makes them harder to detect. The automation and use of various generative AI techniques alter the balance between effort and sophistication, enabling the campaign to target users who are more technologically advanced.

While AI continues to bring about positive changes in our world, the rising trend of its misuse in the form of AI-generated scams cannot be ignored. At Sophos, we are fully aware of the new opportunities and risks presented by generative AI models. To counteract these threats, we are developing our security co-pilot AI model, which is designed to identify these new threats and automate our security operations.

Source: Sophos

How you use a password manager varies slightly depending on which password manager you have. However, they all have similar functionality. To use a password manager, you first have to set your master password, set up your multi-factor authentication methods, export and import your current passwords, download the necessary apps and create new strong passwords for each of your accounts.

Continue reading to learn more about using a password manager and why using this tool is a good idea for securing your accounts.

Is It a Good Idea To Use a Password Manager?

A password manager is a tool that aids users in generating, managing and securely storing passwords and other sensitive data. Using a password manager is one of the best ways to keep your accounts secure. Without a way to securely manage or store passwords, people fall into the bad habit of reusing passwords or using variations of the same password across multiple accounts. This is a dangerous practice because it makes all of your accounts more vulnerable to being compromised if one of your passwords is compromised or leaked in a data breach.

Should I use my browser’s password manager?

A browser password manager is a password manager that is integrated into a web browser such as Chrome or Safari. Using your browser’s password manager may seem convenient, but that convenience makes your accounts more vulnerable. While browser password managers store passwords in encrypted databases, they hide the encryption key in predictable locations. If a cybercriminal were to install malware onto your device, such as spyware, they would be able to see all your saved passwords in plaintext since the encryption key is left unprotected. If a cybercriminal were able to gain physical access to your computer, or if you logged into your browser on a public computer, they can also just open the browser password manager to see all of your passwords.

Standalone password managers often offer more security than browser password managers because they are designed with security as the priority – browser password managers are not. However, you should still research the password managers you’re considering to ensure they have top-of-the-line cybersecurity, including zero-knowledge encryption and a history of being trustworthy.

How To Use a Standalone Password Manager

Here are the steps to using a standalone password manager.

1. Create a master password

Once you’ve chosen a password manager, the first step you’ll need to take is to create a master password. Your master password is the most important password you’ll create and have to remember since it’s the password that gives you access to your vault. It’s recommended that your master password is at least 12 characters long and includes a combination of letters, numbers and symbols. The longer and more complicated your master password is, the better.

When creating your master password, make sure you’re able to remember it. One way you can do this is by creating an acronym. To create a master password using an acronym, you’ll want to think of a phrase that’ll be easy for you to remember.

As an example, we’ll use the phrase “I enjoy going to the beach in the Summer because of the nice weather.” To create an acronym out of this phrase, you take the first letter of each word and use it in your master password. Remember to use a combination of upper and lowercase letters, numbers and symbols. The master password we can get out of this phrase is “I3g2TB|t$b0tNW.” You can add even more symbols to complicate the password.

2. Enable Multi-Factor Authentication (MFA)

Multi-factor authentication is an extra layer of security you can, and should, add to your account. After creating your master password, you’ll be asked if you want to enable MFA for your password manager – we strongly recommend you enable it. MFA will help ensure that no one but you is able to access your account. Some MFA methods we recommend you use are the following:

• Security keys
• Authenticator apps
• Biometric authentication

Along with securing your password manager with MFA, we recommend enabling 2FA on your other accounts, where possible. The more verification factors on your accounts, the more secure they’ll be.

3. Export and import your passwords

You’ve most likely used a password manager before without knowing, such as your browser’s password manager. While a browser does have the ability to save your passwords, browser password managers can be easily compromised.

If you have passwords saved in your browser’s password manager, you can easily export and import them to a more secure option. The process of doing this may vary depending on the password manager you have so we recommend you consult your password manager’s guide to help you throughout the process. To import passwords from your browser, the process also depends on which password manager you’ve chosen. The video below is an example of what the process of importing would look like if your chosen password manager is Keeper.

Once you’ve successfully exported and imported your passwords into your password manager, make sure to delete the saved logins from your browser. The only place your logins should be saved is inside your password manager’s encrypted vault.

4. Download the browser extension and apps

Password managers offer a variety of options to access your digital vault. For example, some password managers offer you the ability to download their browser extension, mobile apps and an application for your computer. Download what you think you’ll need to make accessing your vault convenient on all of your devices.

5. Create new, strong passwords

Once your account is all set up, you should change your passwords to ones that are strong and unique. The idea of changing all your passwords may feel daunting at first, but a password manager makes it easy for you. We recommend downloading your password manager’s browser extension to make the process of changing your passwords easier.

With the help of a password manager, you’ll be able to automatically generate strong passwords for each of your accounts. When your passwords are updated, your password manager will prompt you to save the new password into a record in your vault. If you choose to save the website address into the same record, your password manager can autofill your credentials whenever you visit the URL that matches the one stored in the record.

If you have a lot of accounts you need to secure with strong passwords, it’s best to start with the most critical ones like your bank or accounts that have been compromised in data breaches.

6. Monitor your passwords

Once you’re all done setting up your password manager, the only thing you’ll need to do moving forward is have your password manager assist you when creating new accounts. You may also want to purchase an add-on to your password manager known as dark web monitoring. With dark web monitoring, you’ll be immediately notified if any of the credentials stored in your vault are involved in a data breach. This allows you to update your password right away, so you can secure your account to protect your data.

The Importance of Using a Password Manager 

While the thought of moving all your passwords to a password management solution may feel overwhelming at first, most password managers make importing your passwords a seamless experience. Once you’re all set up with your new password manager, your online life will become a lot easier and safer because password managers offer both convenience and security.

If you have yet to choose a password management tool that fits your needs, learn what to look for in a password manager.

Source: Keeper Security

We are extremely pleased to announce that Sophos Firewall v20 is now available. This latest release includes an innovative new active threat response capability, several networking enhancements, added support for securing your remote workforce, and many of your top-requested features.

Sophos Firewall v20 is a free upgrade for all licensed Sophos Firewall customers.

Watch the video below for an overview of what’s new, download the What’s New PDF, or read on for the full details and deep-dive demo videos.

Active Threat Response

Extending Synchronized Security to MDR and XDR provides a direct feed for security analysts to share active threat information with the firewall, enabling it to automatically respond to active threats without creating any firewall rules.

Dynamic Threat Feeds introduces a new threat feed API framework that is easily extensible. It enables threat intelligence to be shared by the Sophos X-Ops team, other Sophos products like MDR and XDR, and ultimately third-party threat feeds in the future.

Synchronized Security extends the same Red Heartbeat, automated response that Sophos Firewall has always had and applies it to MDR/XDR identified threats. This ensures compromised hosts are not able to move laterally or communicate out, while details including host, user, and process are readily available for follow-up. Synchronized Security has also been enhanced with added scalability and reduced false missing heartbeats for devices that are in sleep or hibernation states.

Watch the Active Threat Response demo video.

Remote worker protection and SASE

ZTNA gateway integration makes ZTNA deployments even easier by integrating a ZTNA gateway directly into the firewall. This means any organization that needs to provide remote access to applications hosted behind the firewall doesn’t need to deploy a separate gateway on a VM. They can simply take advantage of the gateway integrated into their firewall. When combined with our single-agent deployment on the remote device, ZTNA couldn’t possibly get any easier. It’s literally zero-touch zero trust.

Third-party SD-WAN integration makes it easy to onramp SD-WAN traffic onto Cloudflare, Akami, or Azure backbone networks to take advantage of their enormous infrastructure, reach, and networking and security services.

Sophos DNS Protection is our new cloud-delivered web security service that will be available separately in early access very soon. It provides a new Sophos-hosted domain name resolution service (DNS) with compliance and security features that are fully supported by Sophos Firewall. This service provides an added layer of web protection, preventing access to known compromised or malicious domains across all ports, protocols, or applications – both unencrypted and encrypted. More news on this new service is coming soon.

Network scalability and resiliency enhancements

A new VPN portal provides a containerized, hardened self-service portal for end users to download VPN clients and configurations, auto-provisioning, and clientless VPN bookmarks.

IPsec enhancements include seamless HA failover, tunnel status monitoring via SNMP, unique PSK support for the same local and remote gateway connections, and DH Group 27-30/RFC6954 support.

SSL VPN enhancements include FQDN (fully qualified domain name) host and group support for both remote access and site-to-site SSL VPN.

SD-WAN scalability triples SD-WAN gateway scalability to 3072 gateways and the number of SD-WAN profiles to 1024.

IPv6 enhancements include DHCP prefix delegation to seamlessly integrate with your ISP and new enhancements to the dynamic routing engine now support BGPv6 for improved IPv6 interoperability.

Watch a video overview of the VPN enhancements or the IPv6 BGPv6 and DHCPv6 capabilities.

Streamlined management

Interface enable/disable delivers a top-requested feature to easily disable or enable network interfaces on the firewall without losing any configuration.

Object reference lookup addresses another top-requested feature to find where a given host or service object is used in rules, policies, and routing.

Hi-res display support adds increased horizontal scalability to the management console to take advantage of high-resolution displays and reduce horizontal scrolling.

Auto-rollback on failed firmware updates reduces any disruption, including high-availability deployments.

Backup and restore now includes the option to restore a backup from a firewall with integrated Wi-Fi to a firewall without Wi-Fi.

Azure AD SSO for captive portal adds support for user authentication on the captive portal using their Azure AD credentials.

Azure group import and RBAC add support for a new import assistant for Azure AD groups and automatic promotion for role-based admin changes.

Watch videos covering the new management features and Azure AD capabilities.

Other enhancements

Web Application Firewall (WAF) enhancements include geo IP policy enforcement, custom cipher configuration, and TLS version settings, as well as improved security with HSTS enforcement and X-Content-Type-Options enforcement.

Azure Single Arm deployment support enables the choice of a smaller instance size to save on infrastructure costs and reduce network and operational complexity.

Get more details on what’s new

Download the full What’s New Guide for a complete overview of all the great new features and enhancements in v20.

Review the release notes and documentation.

Watch the demo video series:

• What’s New Overview
• Active Threat Response
• VPN Enhancements
• IPv6 BGPv6
• IPv6 DHCPv6
• Management and Quality of Life Enhancements
• Azure AD Captive Portal SSO and Group Import

How to get v20

As with every firewall release, Sophos Firewall v20 is a free upgrade for all licensed Sophos Firewall customers and should be applied to all supported firewall devices as soon as possible. This release not only contains great features and performance enhancements, but also important security fixes.

This firmware release will follow our standard update process.

Please note that Sophos Firewall firmware updates are now downloaded from Sophos Central. Get the full details here or follow the quick guide below to get the latest v20 firmware for your firewall:

1. Log in to your Sophos Central account and select “Licensing” from the drop-down menu under your account name in the top right of the Sophos Central console.

2. Select Firewall Licenses on the top left of this screen.

3. Expand the firewall device you’re interested in updating by clicking the “>” to show the licenses and firmware updates available for that device.

4. Click the firmware release you want to download (note there is currently an issue with downloads working in Safari so please use a different browser such as Chrome).

5. You can also click “Other downloads” in the same box above to access initial installers and software platform firmware updates.

The new v20 firmware will be gradually rolled out to all connected devices over the coming weeks. A notification will appear on your local device or Sophos Central management console when the update is available, allowing you to schedule the update at your convenience.

Sophos Firewall v20 is a fully supported upgrade from any supported Sophos Firewall firmware version.

Check out the v20.0 GA release notes for more details, including the known issues list. Full product documentation is available online and within the product.

Source: Sophos