Sophos boosts Server Protection products with CryptoGuard technology

Sophos boosts Server Protection products with CryptoGuard technology

Dan Schiappa, General Manager and Senior Vice President for End-User Security at Sophos

Sophos, a global leader in network and endpoint security, today announced that its next-generation anti-ransomware CryptoGuard technology is now available with its Sophos Server Protection products. With this optimisation, Sophos Server Protection now has signature-less detection capabilities to combat ransomware – similar to Sophos Intercept X for endpoints. In September 2016, Sophos launched Sophos Intercept X with CryptoGuard, which stops the spontaneous encryption of data by ransomware within seconds of detection.

By adding CryptoGuard to server security, Sophos is closing a critical gap by preventing ransomware attacks that could come in through rogue, guest or remote access users or other weaknesses in a company’s network. For example, if a company allows bring-your-own-laptops on the network, remote access for employees or is victimised by an insider cyberthreat, servers become highly susceptible to ransomware. Additionally, network shares on servers are high-value targets as they contain proprietary financials and personally identifiable information amongst other key data and should be protected as such.

“Servers are considered the jackpot for cybercriminals, since they can store confidential corporate and employee information, medical records with social security numbers or private customer documents. It would be devastating for organisations to lose this kind of sensitive data to ransomware,” said Dan Schiappa, Senior Vice President and General Manager of Sophos’ End-User and Network Security Groups. “Most organisations back-up their data, but recovery from a backup is not always easy. Businesses, schools or hospitals do not want the liability, hassle and operational disruption required to restore from a backup. Anti-ransomware technology is a critical layer for the protection and ongoing accessibility of the information that resides on servers. Sophos has optimised its server protection products with CryptoGuard, adding another layer of next-gen protection to block this pervasive and highly-damaging cyberthreat.”

Sophos has also expanded Synchronised Security by adding Sophos Security Heartbeat capabilities to Sophos Central Server Protection Advanced. By adding Security Heartbeat to servers, an IT administrator can now leverage Sophos XG Firewall to automatically isolate infected servers and endpoints to identify and respond to the source of compromises faster. Sophos Central Server Protection also includes Malicious Traffic Detection, which monitors for traffic to command and control servers and application white listing with one-click server lockdown, which secures servers in a safe state and prevents unauthorised applications from running.

Sophos Server Protection products with CryptoGuard capabilities now includes Central Server Protection Advanced on the cloud-based Sophos Central platform and Sophos Server Protection Enterprise, which is managed with a traditional on-premise console.

Dan Russell, Chief Information Officer, Pine Cove Consulting, a Sophos channel partner based in Bozeman, Montana said: “Protection for servers is especially critical for our customers who allow remote desktop connections or have weak desktop credentials, which is a known vulnerability for ransomware attacks. Even our customers who have put every safeguard in place could still have an exposed server, due to that one rogue laptop someone connects into the network. Just one click on a tainted email could encrypt every file with ransomware. We’ve seen this happen with a customer, so from a technical standpoint, it’s exciting to have anti-ransomware capabilities at the server level.

“Sophos also designed its server protection to be ‘lightweight’. Many of our customers are educational institutions with older computers, so having an anti-ransomware capability that doesn’t impact server performance – no matter how old or new – is a must. The evolution of ransomware is a reality our customers need to deal with right now. We are focused on selling Sophos Central Server Protection Advanced and Sophos Intercept X to guard against ransomware threats.”

“At Lifeways, our users log into servers to access their email and websites, so we definitely need a solution that prevents ransomware. Already, we use Sophos Central Server Protection Advanced for approximately 100 servers. We also have Sophos Intercept X running on roughly 600 endpoints or about 50% of our estate so far. With Intercept X’s root cause analysis feature, we have a holistic view of breaches and the ability to investigate every node that’s been infected. We can also reverse ransomware attacks on the endpoints, which is huge,” said Andy Pitcher, Group Infrastructure Manager at Lifeways, a Sophos customer in London, England. “Lifeways has been hit by ransomware in the past and it was not fun. The attack came in through an endpoint and hit the server as well. We were able to restore quickly, but our business did come to a halt for a while. Sophos Server Protection and Sophos Intercept X are critical defences for us and we plan to use them throughout our entire estate.”

Pricing for the complete range of Sophos Server Protection products is available from authorised Sophos Partners worldwide.

Browse our latest issue

Intelligent CISO

View Magazine Archive