Sophos. Protecting the treasure trove

Ransomware has been on the computer security radar for some time now but are you aware that it’s increasingly targeting servers?

Servers are the treasure trove of an organization’s data and the applications that access it. As senior vice president and general manager of Sophos’ Enduser and Network Security Groups Dan Schiappa explains, “Servers are considered the jackpot for cybercriminals, since they can store confidential corporate and employee information, medical records with social security numbers or private customer documents.”

We understand that servers differ from user endpoints, with higher performance and availability requirements. Therefore, we’ve enhanced our server capabilities with two technologies to assist Server Admins in meeting these needs:


Much like you’ve seen with Intercept X for endpoints, Sophos Server Protection now has signature-less detection capabilities in the form of CryptoGuard. This additional layer of defense detects and reverses unsolicited encryption of data on servers, so that cyber criminals don’t get the chance to hold organizations captive for extortion. Even if ransomware on a rogue endpoint connects to a server and attempts to encrypt files on a server, Sophos Central Server Protection Advanced protects the organization.

Sophos Security Heartbeat for Windows Servers

We have also broadened our Synchronized Security by adding Sophos Security Heartbeat capabilities to Sophos Central Server Protection Advanced, which includes:

  • The Destination Heartbeat feature, introduced in XG Firewall, was designed with Servers in mind. Should a server become infected, the XG Firewall can isolate it and prevent other endpoints from accessing it.
  • Positive identification of compromised servers: To alert an admin that a key asset may be compromised. Machines are explicitly labelled as servers in the Sophos XG Firewall Control Center, helping admins to prioritize their response efforts.
  • The Missing Heartbeat capability is another valuable feature for server admins. Because servers should always send a heartbeat, a missing beat could indicate that it’s been compromised.

You can read the original article, here.