In light of the current pandemic, various nation states and organizations are increasing their efforts to contain the virus. Now more than ever your customers are looking at ways they can facilitate remote working to keep their businesses operational.
For the same reason, organizations never considered remote working previously are likely now looking at ways of doing so. As the technological enablement of working from home helps reduce the risk of spreading biological viruses, it’s worth bearing in mind that, for those organizations new to remote working, this may also increase the attack surface for cyber threats as their remote workers are no longer behind their corporate security infrastructure.
So, if you have customers suddenly bulk-buying laptops and rushing to adopt remote working for the first time, why not remind them to keep cybersecurity in mind? Let them know Sophos Home Commercial Edition has been made available to all customers during these unprecedented times.
There are various Sophos technologies out there your customers can make use of quickly and easily to help move from a traditional on-premises environment to a remote working environment.
SaaS-based endpoint security management
If your customers are still using on-premises security management products, such as Sophos Enterprise Console, they have the opportunity to migrate to Sophos Central. This allows all endpoints to be managed and report from any location. It also allows the endpoints to take advantage of the latest endpoint security technologies, such as deep learning and active adversary protections included in Intercept X. It also allows security policies to be user-based, so if one of your customers suddenly decides they need to buy a load of laptops to support remote working, the Sophos security policies can follow them from their corporate-only device to their remote device with no added configuration. Sophos Central also lets you see all your customers’ Sophos security products side by side. Whether they’ve decided to deploy a secure Sophos APX access point in their home office, or decided to allow access to corporate data on their mobiles, you can manage the security of all these components side by side in Sophos Central.
Client-based web filtering
Organizations that do not normally have measures in place for remote working may rely on a corporate-based web proxy of sorts, whether it be standalone or incorporated in their firewall. However, if they then rapidly adopt a work from home policy, they may not have had time to consider the fact that their end users will now be working outside this perimeter. Once outside the corporate environment, they may be able to access both inappropriate and potentially malicious content online. In order to mitigate against this, your customers can make use of the client-based web filtering included in the Sophos Central Endpoint Protection called Web Control. When enabled, this will quickly allow your customers to be protected from both accessing inappropriate and malicious content while working from home, and any policy violations that have been made can still be seen in the central console.
Peripheral control and data Loss prevention
Another two features included in the Sophos Central Endpoint and that don’t always get the attention they deserve are Peripheral Control and Data Loss Prevention (DLP). These two features can greatly help protect organizations that have to suddenly start allowing their staff to work from home. Peripheral Control can stop employees from plugging in removable drives at home or connecting their work device to their phone. DLP, on the other hand, allows you stop specific sensitive data or applications from being copied off the work device whether, it’s on site or remote.
Client-based VPNs
Client Based VPNs are a key piece of technology that allow users to work remotely safely. They allow end users to access corporate data as if they were in the office and backhaul web traffic to be scanned and reported on centrally. As the communication is over an encrypted tunnel, it also helps stop man-in-the-middle traffic sniffing attacks. The Sophos SSL VPN client and Sophos Connect are the two main client-based VPNs available on the Sophos XG firewall. Sophos Connect is based on IPsec and is easier to deploy in that the software and configuration. It can be deployed via GPO, and there is an always-on mode which allows the Connect Client to know whether a user is on-site or off-site in order to enable and disable the VPN accordingly. The Connect Client also automatically supports Synchronized Security Heartbeat over the VPN, whereas the SSL VPN requires additional config in order for this to work.
Synchronized Security
Remote users are potentially more susceptible to attack, and so allowing the Sophos XG Firewall to automatically block connections from remote device to the corporate network based on their endpoint security health status is a great way of maintaining security. This is perhaps even more valuable to a customer who is not typically comfortable with remote working. Other benefits of Synchronized Security include synchronized application control, giving greater visibility in applications that remote users may be using to circumnavigate security controls, and in turn block them.
Sophos Home Commercial Edition
Remote working is nothing new. However, new circumstances are forcing some of your customers to consider it when they haven’t done so before. Due to the sudden and immediate nature of the current crisis, not all organizations have the ability to at a moment’s notice buy a a lot of new hardware to facilitate working from home. Because of this, Sophos recognizes some organizations may be allowing end users to do work on their own personal machines – and so we’re offering Sophos Home Commercial Edition to all Sophos Customers. If you would like your customer to benefit from this program, please contact your account manager for more information.