Increasingly sophisticated and targeted attacks made it necessary for our Serbian customer JKP to replace their existing, outdated infrastructure and start looking for a more modern network security solution that would grow with the business and its requirements. JKP wanted simpler, more manageable security that would also protect non-technical users and their devices, on-site and on the go, from zero-day attacks, advanced threats, and ransomware. Last but not least, the IT team wanted to accelerate and automate incident response processes to reduce the workload in this area.
JKP scanned the market for IT security solutions but was dissatisfied with the existing silo solutions.
Radenko Vukovic, who manages IT for JKP, explained that the point products available worked in isolation and required him to juggle multiple administrative consoles. As a result, they were difficult to manage and unable to quickly and effectively counter today’s coordinated attacks. Additionally, these tools were not all-inclusive and required expensive add-ons and upgrades.
In the end, the team chose a configuration consisting of next-generation Sophos Synchronized Security using Sophos XG Firewall and Sophos Central, our cloud-native cybersecurity platform. The solution provides the breadth and depth of protection Vukovic believes JKP needs to detect and defeat today’s advanced threats, zero-day attacks, and ransomware.
Technology Solution
Switching over to Sophos was a simple process and went quite smoothly with the support of Sophos Partner Global Vision Consulting.
“Not only was it easy, but it’s working great and is providing our network and endpoints with a truly effective and consistent defense,” Vukovic points out.
Automating the response to threats shortened the response time from two to four hours to a matter of minutes per incident. This results in serious savings to the company. Also, the quality of the service to JKP customers is better than it was in the past.
Sophos Synchronized Security has fundamentally changed the way the company approaches security. Rather than relying on individual components acting in isolation with no communication between them, the organization now has Sophos Synchronized Security working for it around the clock. The Security Heartbeat™ technology that drives Synchronized Security ensures that their endpoint security and firewall are talking to each other. XG Firewall and Sophos Endpoint Security can share threat information and respond automatically to prevent advanced attacks from spreading. For example, Sophos Endpoint pinpoints a system that has been compromised by malware. Then, the firewall isolates the machine and limits network access. The endpoint then automatically undergoes cleanup and remediation, and patches or upgrades are added as needed.
For JKP and its users, Sophos Endpoint pinpoints a system that has been compromised – for example, when a user is tricked into clicking a phishing link.
“It’s much like having our own team of intelligent robots. When something goes wrong, they spring into action and work together to resolve the problem,” explains Vukovic.
Sophos Synchronized Security also provides real-time insights and control all in one place, which helps to quickly identify issues and take action immediately – across endpoints, the network, email, and beyond.
“If there’s a problem, Sophos sends me a notification,” he says. “Then I get on the Sophos Central platform to track down the problem. If I have to do anything in-house to clean the malware or virus, then I can respond to issues in a timely fashion. Sophos Synchronized Security offers us the kind of protection we’ve been looking for, and I can confidently say that I sleep better at night because of it.”
Business Benefit
Recently, the IT team discovered that JKP’s employees were receiving quite a number of ransomware emails. Ransomware is malicious software that blocks access to a computer system until money or some other type of ransom is paid, and it is the most prevalent malware attack affecting today’s organizations.
“We want to be sure that we’re fully protected against this rising threat. We think that Sophos Intercept X is a valuable addition to our security toolbox,” he suggests.
Vukovic has now deployed Sophos Intercept X, which uses CryptoGuard technology to block the malicious, spontaneous encryption of data by ransomware. Through Synchronized Security, ransomware-infected devices are assigned a status indicating they are at risk. This information is then shared with XG Firewall, which isolates these devices from the network. As a result, the ransomware is unable to communicate with command and control servers, so the attack cannot infect other systems.
“Since we’ve deployed Synchronized Security, it was so easy to integrate Sophos Intercept X into our system. It’s exciting to know our security can truly grow with us,” he asserts.
Synchronized Security Accreditation
As a Synchronized Security partner, you can offer the industry’s strongest cybersecurity protection. The case study you’ve just read offers a lot of proof. Become accredited today and drive revenue by selling award-winning products that work together as a system to be more coordinated than the attackers.