Following on from the last Tech Issue’s discussions on security risks, in this issue we look at one of the security products available to protect your business.
Ransomware and other security threats have a high profile in the media, so the security products in the market are highly exposed and therefore have a tough job ensuring their services are robust and offer the protection required.
The biggest issue is that the marketing material for these products is highly technical. Whilst this offers proof of the capabilities, it can make it confusing to choose the most suitable product.
The market is suitably consolidated and is split between home and business services, where the fight for free antivirus has in turn meant the best business service providers are now offering the best home services for free – to entice the user to take the service into the workplace.
As you may know, AME Solutions has recently moved away from a McAfee product set to a Sophos product set. We spent some months investigating the marketplace and discussing the product offerings from many vendors and distributors. McAfee have removed their most popular product set from the market and Sophos have an outstanding history of protecting businesses to the highest level – and now they also have a free home product too.
Alternatives to Sophos include ESET, Bitdefender and Symantec, each offering their own take on endpoint protection.
Firstly, we will look at protecting your PCs, Macs, servers, tablets, laptops, mobiles etc. through the “Endpoint Protection” products.
In the connected world we live and work in, threats are much more prevalent than ever before. The service providers are constantly updating the product set and the definition databases to protect their users, but the software needs to be kept updated.
One of the main changes in recent years is that providers have ‘Cloud’ enabled their services. Security as a Service (a play on the “SaaS” Software as a Service term) has enabled the service providers to manage the devices through a central management portal. This management element is one of the greatest wins for businesses who either deal directly with the security products or have an IT support service provider who manages their security.
The ‘single pane of glass’ management console allows for clear visibility of all the protected devices on the network, making it easier to find and eliminate weak points and security risks on the network.
The other benefit of Cloud management is that the Endpoint software is less bloated, leaving a smaller footprint on the PC/Mac/server, which in turn means fewer resources are taken away from the tasks the device is used for. There is nothing worse than having an expensive device slowed down to a crawl by your security software.
SOPHOS “CLOUD ENDPOINT PROTECTION” SUITE INCLUDES SIMPLE OPTIONS TO PROTECT:
• Your PC and/or Mac – Sophos Cloud Endpoint Protection Standard
• Plus your mobile devices – Sophos Cloud Enduser Protection Bundle
• Your server/s – Sophos Cloud Server Protection Standard and Advanced
All of these products are managed through the Sophos Cloud Management console and include user-based policies and server-based policies. This means a standardised protection offering for the whole business can be deployed, or a specific set of users can have different policies.
The standard Endpoint Protection product offers anti-malware, live protection, web security and a ‘Host Intrusion Prevention System’ (HIPS), which protects devices from unidentified viruses by monitoring for suspicious behaviour – effectively determining whether a piece of code is malicious or not without an identified virus definition.
ALL CLEVER STUFF, BUT WHAT DOES THIS MEAN?
Anti-malware will provide protection against known malicious software, which can be attached to an email or come from a web link. Often these emails look like they are from a genuine source such as your bank or courier.
Live protection offers real-time verification of whether a file is malicious or not – whilst most products rely on virus definition updates and often user intervention to update the software, Sophos will proactively check for safety with Cloud database look-ups.
Host Intrusion Prevention System
‘Host Intrusion Prevention System’ (HIPS) offers similar real-time checking based on the behaviour of the device – for example changes to the registry or high resource usage (‘buffer overflow protection’).
Multi-device management has become a key issue. Users are often using or being provided with ‘companion’ devices such as tablets, which become a key component of daily work life. This poses a threat, as email- and web-borne threats could cause issues on that device or, worse, distribute the risk across the business network they connect to.
The Sophos Cloud Enduser Protection Bundle includes protection for mobile users by scanning applications, items on the device and web access. It also includes Mobile Device Management.