Simple Security Is Better Security

Similar documents
Protecting Your Roaming Workforce With Cloud-Based Security

Strengthen Microsoft Office 365 with Sophos Cloud and Reflexion

Simplifying Branch Office Security

The Sophos Security Heartbeat:

IT Resource Management & Mobile Data Protection vs. User Empowerment

Managing BitLocker With SafeGuard Enterprise

IT Resource Management vs. User Empowerment

Sample Mobile Device Security Policy

Comparative Performance and Resilience Test Results - UTM Appliances. Miercom tests comparing Sophos SG Series appliances against the competition

A Manager s Guide to Unified Threat Management and Next-Gen Firewalls

Protecting Your Data On The Network, Cloud And Virtual Servers

Botnets: The dark side of cloud computing

The Attacker s Target: The Small Business

Encryption Buyers Guide

Two Great Ways to Protect Your Virtual Machines From Malware

Next Gen Firewall and UTM Buyers Guide

Sales Consultant I Engineer I Architect I Support Engineer I MSP. A Simple Overview to Training and Certification

How To Manage A Mobile Device Management (Mdm) Solution

Sample Data Security Policies

Five Tips to Reduce Risk From Modern Web Threats

Sophos XG Firewall Licensing

INTRODUCING isheriff CLOUD SECURITY

Wireless network security: A how-to guide for SMBs

Sophos SG Series Appliances

Mobile Madness or BYOD Security?

Building a Business Case:

PCI DSS Reporting WHITEPAPER

2012 Endpoint Security Best Practices Survey

Boosting enterprise security with integrated log management

What is MyUTM? 2. How do I log in to MyUTM? 2. I m logged in, what can I do? 2. What s the Overview section? 2

Sizing Guideline. Sophos UTM SG Series Appliances. Sophos UTM 9.2 Sizing Guide for SG Series appliances

Table of Contents. Page 2/13

Best value security report

isheriff CLOUD SECURITY

V1.4. Spambrella Continuity SaaS. August 2

Data Sheet: Endpoint Security Symantec Protection Suite Enterprise Edition Trusted protection for endpoints and messaging environments

BlackStratus for Managed Service Providers

The Future of Network Security Sophos 2012 Network Security Survey

nfx One for Managed Service Providers

Endpoint web control overview guide. Sophos Web Appliance Sophos Enterprise Console Sophos Endpoint Security and Control

Healthcare Buyers Guide: Mobile Device Management

Advanced Persistent Threats: Detection, Protection and Prevention

Comprehensive real-time protection against Advanced Threats and data theft

The business case for managed next generation firewalls. Six reasons why IT decision makers should sit up and take notice

BACKUP ESSENTIALS FOR PROTECTING YOUR DATA AND YOUR BUSINESS. Disasters happen. Don t wait until it s too late.

Small and Midsize Business Protection Guide

McAfee Endpoint Protection for SMB. You grow your business. We keep it secure.

Driving Company Security is Challenging. Centralized Management Makes it Simple.

PCI DSS Top 10 Reports March 2011

The SIEM Evaluator s Guide

Zone Labs Integrity Smarter Enterprise Security

Extending Threat Protection and Control to Mobile Workers with Cloud-Based Security Services > White Paper

Symantec Protection Suite Small Business Edition A simple, effective and affordable solution designed for small businesses

TRITON AP-WEB COMPREHENSIVE REAL-TIME PROTECTION AGAINST ADVANCED THREATS & DATA THEFT

Sophos UTM Software Appliance

Say Yes to BYOD How Fortinet Enables You to Protect Your Network from the Risk of Mobile Devices WHITE PAPER

Next-Generation Firewalls: Critical to SMB Network Security

Managing Web Security in an Increasingly Challenging Threat Landscape

Ibrahim Yusuf Presales Engineer at Sophos Smartphones and BYOD: what are the risks and how do you manage them?

Benefits of an ITIL Help Desk in the Cloud

WHAT ARE THE BENEFITS OF OUTSOURCING NETWORK SECURITY?

WEBSENSE TRITON SOLUTIONS

Kaseya White Paper. Endpoint Security. Fighting Cyber Crime with Automated, Centralized Management.

Did you know your security solution can help with PCI compliance too?

EXTENDING THREAT PROTECTION AND CONTROL TO MOBILE WORKERS

Simply Sophisticated. Information Security and Compliance

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security

Cisco Advanced Malware Protection for Endpoints

Top five strategies for combating modern threats Is anti-virus dead?

Requirements When Considering a Next- Generation Firewall

Sophos UTM Support Services Guide

SHARE THIS WHITEPAPER. Top Selection Criteria for an Anti-DDoS Solution Whitepaper

DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND LOG MANAGER

Payment Card Industry Data Security Standard

Compliance Guide: PCI DSS

Total Protection for Compliance: Unified IT Policy Auditing

Reduce Your Network's Attack Surface

TMG Replacement Guide

Astaro Security Gateway V8. Remote Access via L2TP over IPSec Configuring ASG and Client

Transcription:

Simple Security Is Better Security How small and medium-sized businesses can benefit from cloud-based security By Tsailing Merrem, Senior Product Marketing Manager Most vendors seem to assume that small and medium-sized businesses (SMBs or SMEs) have the expertise and full-time staff of a large enterprise to manage IT security. Too often for SMBs, this one-size-fits-all approach results in higher costs, lower productivity and more risk. In this paper we examine the inherent complexity of enterpriseclass security products and the very different needs of SMBs. Then we look at a simpler alternative: cloud-based endpoint security.

Complexity in IT security It s no secret in the IT security community that SMBs are poorly served by the industry s flagship vendors and products. The big companies that dominate the market design their offerings for enterprise customers with well-staffed IT organizations and dedicated security teams. Unfortunately, a product that perfectly meets the needs of a trained security professional can potentially have the opposite effect and increase the vulnerability of a small business where security administration is handled by an IT generalist or the business users themselves. One source of complexity in IT security products is historical. The largest vendors built out their portfolios through decades of acquisition, folding one product into another. The result is a hodgepodge of technologies managed by a shared console, bringing all the coordination and configuration challenges to one busy interface. A second root of complexity is vendor bias to the skilled user. A security specialist with a large environment to protect may prefer to have granular control of every feature, capability and configuration setting. But for the SMB administrator, this can be a recipe for information overload and paralysis. Making simple products that small businesses can use is costly, which is why most vendors merely repackage their enterprise offering for the SMB market. Small businesses are a big target Even if vendors seem to ignore the needs of small businesses, SMBs present a huge opportunity for cybercriminals. Out of the nearly six million employers in the United States, 1 the vast majority of them have fewer than 100 employees. According to the 2013 Verizon Data Breach Report, 40% of 621 data theft incidents confirmed in 2012 affected organizations with fewer than 1,000 employees. 2 Data Breaches by Company Size 6.8% 21.9% 31.1% Recent studies point to less rigorous security at smaller firms. In a Sophos-sponsored Ponemon Institute survey of IT managers at small to mid-sized companies, the average self-assessment score of security posture (ability to mitigate risks, vulnerabilities and attacks) was a 6 on a scale of 10. Respondents reported, on average, fewer than three full-time workers fully dedicated to IT security. And respondents reported a wide range of challenges including insufficient budgets, personnel and in-house expertise. You might think this would present large security vendors with a huge market opportunity. But most vendors find that selling to large customers is easier and more profitable. 1. http://www.census.gov/econ/smallbus.html 2. http://www.verizonenterprise.com/dbir/2013/ 9.2% 19.6% 11.4% Company size # of data breaches 1-100 193 101-1,000 57 1,001-10,000 71 10,001-100,000 122 More than 100,000 42 Unknown 136 Total data breaches: 621 Source: Verizon A Sophos Whitepaper May 2014 2

The cost of complexity Small organizations that deploy enterprise-grade security products without the specialists necessary to manage them are exposed to a wide range of risks and costs. An IT generalist may struggle to manually configure a host intrusion prevention system (HIPS) with hundreds of rules, deciding instead to turn off most of the product s functionality. Only 10% of businesses use all the security features and functions they pay for. An improperly configured firewall or IPS can leave open security holes, or generate false positives and lock down users. That hurts the productivity of IT personnel and the organization at large. Different web security policies on network and endpoint filters can create interference and confusion, slowing or locking down legitimate traffic. Third-party integration services and maintenance contracts can dramatically increase security costs. Keeping IT generalists trained on complex security solutions often requires annual, multi-day courses, adding to costs and taking the IT person away form the office. Sophos simplicity helps MSQ Partners slash security admin costs Previously we worked long hours every day, trying to manage a number of different solutions across the world. It was difficult to get to the root of the challenges we faced. With Sophos, it takes just two days a month. GORDON O BRIEN Group IT Manager, MSQ Partners None of this is inevitable or unavoidable. IT security products aren t complicated because it s impossible to make them user-friendly for non-specialists. It simply requires that vendors build some of the specialist s knowledge and experience into the products themselves. A Sophos Whitepaper May 2014 3

How the cloud can simplify security The growing movement to cloud-based, cloud-managed security-as-a-service gives you an opportunity to improve user experience, reduce complexity and enhance security. Today s cloud-based IT security solutions are perfect for SMBs because they re easy to install, configure and manage, and should provide automatic, real-time protection from most threats. Cloud-based security products could easily offer simple features such as: Unified security management knowledgeable workers use multiple devices to get their work done. Effective security solutions should provide unified management that protects Windows, Mac and mobile devices User-centric management, reporting and licensing Secure your end users regardless of which devices they use. User-based policy is set once and will automatically be enforced across devices. IT admins also get a single pane of glass view of the security status of the organization and can drill down per-user or per-device Pre-configured settings IT security suites can be preconfigured to simplify set-up of features like HIPS, web security and web filtering that previously required specialized skills to deploy and manage Sophos Cloud allows a single IT resource to manage 17 government departments effectively. Sophos Cloud is a perfect fit for me, as a one-person IT shop. It s the easiest antivirus solution I ve ever deployed. JOEL ROHNE IT/GIS Director, Worth County Built-in web security filtering Since 90% of attacks come from the web, Sophos has incorporated web security filtering into every security product. Access to malicious or infected websites is automatically blocked and malicious files are intercepted before they infect your organization. Coordinated web content filtering policy Cloud-managed and endpoint-enforced web filtering capabilities offer consistent protection and policy enforcement no matter where users log on. When a remote user opens an Internet connection, the PC security client automatically enforces content and connection policies with no need to backhaul traffic. The predefined policy lets you easily set polices to address security and compliance requirements. Once set, it automatically works on both Windows and Mac. You can also set time-based policies to limit non-business web browsing during business hours. Quick deployment and maintenance-free, with no server to set up. Cloud-based security services are easy and quick to set up. With no server to install, deployment takes just a few minutes. It s simple to manage and maintenance-free with automatic software upgrades and threat updates, and real-time policy refreshes. A Sophos Whitepaper May 2014 4

Sophos Cloud With our latest release, Sophos Cloud is the only integrated security solution for Windows, Mac and mobile devices. It s ideal for organizations of all sizes, but specifically SMBs that may have limited resources, remote locations and roaming workers. Sophos Cloud provides complete coverage everywhere and deploys instantly to deliver complete endpoint protection, web filtering and mobile device management without complexity. It is effortless to deploy, manage and maintain and gives you the following benefits: A cloud-based management console hosted by Sophos, so there s no server to install Built-in best practices to optimize protection and minimize effort Industry-first user-based management and reporting that follows users across systems, providing a single pane of glass view for admins A clean, intuitive management dashboard that provides insight into actionable events to streamline administration Automatic upgrades and updates and unlimited scalability More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use that deliver the industry's lowest total cost of ownership. Sophos offers award winning encryption, endpoint security, web, email, mobile, server and network security backed by SophosLabs a global network of threat intelligence centers. Read more at www.sophos.com/products. Sophos Cloud Visit Sophos.com/cloud for a 30-day free trial United Kingdom and Worldwide Sales Tel: +44 (0)8447 671131 Email: sales@sophos.com North American Sales Toll Free: 1-866-866-2802 Email: nasales@sophos.com Australia and New Zealand Sales Tel: +61 2 9409 9100 Email: sales@sophos.com.au Asia Sales Tel: +65 62244168 Email: salesasia@sophos.com Oxford, UK Boston, USA Copyright 2014. Sophos Ltd. All rights reserved. Registered in England and Wales No. 2096520, The Pentagon, Abingdon Science Park, Abingdon, OX14 3YP, UK Sophos is the registered trademark of Sophos Ltd. All other product and company names mentioned are trademarks or registered trademarks of their respective owners. 5.14.GH.wpna.simple

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information