Sophos Cloud Management



  1. Sophos Email is cloud email security delivered simply through Sophos Central’s easy-to-use single management console. Protect sensitive data – and your users – from unwanted and malicious email threats with the latest artificial intelligence.
  2. Sophos Central Sophos Central is the unified console for managing all your Sophos products. Sign into your account, take a tour, or start a trial from here.

Sophos Email is cloud email security delivered simply through Sophos Central’s easy-to-use single management console. Protect sensitive data – and your users – from unwanted and malicious email threats with the latest artificial intelligence. Sophos Central Sophos Central is the unified console for managing all your Sophos products. Sign into your account, take a tour, or start a trial from here. Mobile Management Sophos Home’s mobile app and cloud dashboard is easy to use. Add more computers, perform remote scans, receive alerts, and modify security settings remotely, whenever you.

Cloud adoption is enabling enterprises across all sectors to collaborate more efficiently especially in today’s highly remote business environment. More specifically, government agencies are implementing multi-cloud infrastructure with their workloads spread across multiple public, private, and edge cloud platforms. According to Gartner, the government cloud spending is expected to grow on an average of 17.1 percent through 2021.

Why adopt multi-cloud?

Multi-cloud services enable government organizations to choose the best solution for their workloads and the most cost-effective service provider. It helps them to reduce investment in on-premise data centers, implement centralized citizen services, and mitigate risk of service disruption by a single cloud service provider. However, the multi-cloud scenario has also led to an increase in data management complexities, creating data silos.

Challenges of a multi-cloud environment

A report by IDC states that the lack of consistency between cloud platforms introduces its own set of challenges for organizations – duplication of management tools and processes for each platform, additional training and skill set requirements, and difficulty porting data and applications between different cloud platforms to name a few. Another report by MeriTalk, Juggling the Clouds: What Are Agencies Learning, states that nearly half of federal IT executives agree their agency is not yet taking the right steps to prepare for their multi-cloud future.

Government IT teams are constantly limited in their abilities because of budget constraints and increased IT regulations. On one hand, mandates like the Federal Information Technology Acquisition Reform Act (FITARA) and the Data Center Optimization Initiative (DCOI) require them to increase the use of cloud services and virtualization with automated monitoring and reporting capabilities across their IT environment, their journey often starts from having to transition from legacy physical data centers to cloud infrastructure which is laden with its unique challenges.

Sophos Cloud Management Program

Lack of focus on cloud security is intensifying this pain. The public cloud spend will be nearly $500 billion by 2023 while the cloud security spend across all industries is forecasted to reach $12.6 billion within that time frame.

Multi-cloud environments have users and applications spread across several clouds without the means to centrally view, secure, or manage these environments effectively. Matters become more complicated when there are multiple contracts and service providers. While the provider is responsible for securing the cloud, organizations are responsible for securing everything they put in the cloud.

All of this raises questions about what government organizations can do to secure their multi-cloud environments. Sophos can help to secure resources; achieve visibility, control, and compliance; and ensure that users get secure access to cloud apps and resources from any device, anytime, and from anywhere in a multi-cloud environment.

Securing multi-cloud environments with Sophos

Sophos Cloud Management

Sophos cloud management system

Securing resources in the cloud

Sophos Intercept X for Serversecures hybrid workload environments. It protects Windows and Linux virtual machines and virtual desktops by stopping advanced threats including ransomware, exploit-based attacks, and malware; and locking down the server workloads to control what can and can’t run in the environment.
Intercept X EDR – Endpoint Detection and Response – gives you the tools to hunt down suspicious activities and performs critical IT operations across your server environment. It automatically detects cloud workloads and makes it easy to keep an eye on critical cloud services, including S3 buckets, databases, and serverless functions. Intercept X EDR automatically detects insecure deployments thanks to constant AI monitoring of your cloud environments and notification of any irregularities.

Sophos Cloud Management

Achieving visibility, control and compliance in the cloud

Sophos Cloud Optix is Sophos’ Cloud Security Posture Management solution. It provides multi-cloud visibility that offers detailed cloud resource inventory, including servers, containers, storage, network and IAM for AWS, Azure, and GCP. It continuously monitors compliance with out-of-the-box templates, custom policies, and collaboration tools; and analyzes configurations for security risks and over-privileged IAM access. It allows cloud cost optimization by managing AWS and Azure spending on a single screen.

Ensuring secure access to cloud resources from any device, anywhere

Sophos Zero Trust Network Access (ZTNA)constantly verifies the user — typically with multi-factor authentication and an identity provider — and validates health and compliance of the device for users to securely connect to corporate resources from any location. It elevates protection and minimizes the risk of lateral movement within the network by continually assessing identity and device health before allowing access.

Simplifying management

Sophos Centraloffers a single, web-based platform to conduct cross-product investigations with ease, correlating data from multiple services easily. It enables Sophos products to share real-time threat, health, and security information and work together to automatically respond to threats – also known as Sophos Synchronized Security.

Conclusion

With a multi-cloud model, government agencies and public sector organizations have the opportunity to rethink and innovate the delivery of public services. These organizations require easy-to-use cloud security platforms to achieve visibility, security and compliance monitoring while rolling out their digital transformation plan over a multi-cloud set up. Sophos can help to secure the anywhere organization with powerful, trusted solutions. Contact your Sophos representative to discuss your requirements, or activate a no-obligation free trial to take any of our products for a test drive.

The branch office of one

Prior to the pandemic, there was already a shift in networking underway, with an increasing percentage of the workforce beginning to work from home – at least part-time. This trend has dramatically accelerated over the last year, with the vast majority of organizations either mandating their employees work from home, or strongly encouraging it.

This has transformed many organizations almost overnight into a highly-distributed model with hundreds, if not thousands, of one-person branch offices. The “branch office of one” has become the new normal for many organizations.

This massive shift has created a similarly massive challenge for many IT organizations, who have been scrambling to implement VPN access for their remote workers. As just one example, utilization of our Sophos Connect VPN client with XG Firewall has shot up over 10x to more than 1.4 Million active clients in recent months.

Sophos Cloud Security Posture Management

Sophos

And while VPN technology has been a savior and has served us well, it was never really designed for this new world. VPN can be difficult to deploy and enroll new staff, it can be challenging for end-users to use and creates unnecessary friction, and it does not provide the kind of granular security that most organizations require.

Gartner’s recent report, Solving the Challenges of Modern Remote Access, also highlights the challenges with VPN: licensing, efficiency, relevancy, and suitability for the task.

Protecting your data

Sophos Cloud Management Solutions

If it wasn’t enough that IT organizations are grappling with this massive shift in remote working, the whole industry has come under siege by bad actors and hackers attempting to take advantage of the current situation with increasing attacks on corporate systems and data. The latest Sophos 2021 Threat Report provides an excellent look at how cybercriminals have upped their game.

With a massive collection of branch offices of one and an ever-increasing need for tighter security that is transparent and frictionless, what are the options?

We’re actively working to get Sophos ZTNA, or zero trust network access, into your hands as fast as possible. To help overcome some of the challenges you’re facing with remote workers, it provides a simpler, better, more secure solution to connect your users to important applications and data.

Zero trust network access

ZTNA is founded on the principle of zero trust and is all about verifying the user. It typically leverages multi-factor authentication to prevent stolen credentials from being a source of compromise, then validates the health and compliance of the device to ensure it’s enrolled, up to date, and properly protected. ZTNA then uses that information to make policy-based decisions to determine access and privilege to important networked applications.

Benefits of ZTNA compared to remote access VPN

While remote access VPN continues to serve us well, ZTNA offers a number of added benefits that make it a much more compelling solution:

  • More granular control: ZTNA allows more granular control over who can access certain applications and data, minimizing lateral movement and removing implied trust. VPN is all-or-nothing: once on the network, VPN generally offers access to everything.
  • Better security: ZTNA includes device and health status in access policies to further enhance security. VPN does not consider device status, which can put application data at risk to a compromised or non-compliant device.
  • Easier to enroll staff: ZTNA is much easier to roll out and is better when it comes to enrolling new employees. VPN involves more challenging and difficult setup and deployment.
  • Transparent to users: ZTNA offers “just works” transparency to users with frictionless connection management. VPN can be difficult and prone to initiating support calls.

Overall, ZTNA offers a welcome solution to connecting the branch office of one.

Sophos Cloud Management

Sophos ZTNA

Sophos ZTNA is a brand new cloud-delivered, cloud-managed product to easily and transparently secure your important business applications with granular controls.

Sophos ZNTA consists of three components:

  • Sophos Central provides the ultimate cloud management and reporting solution for all your Sophos products, including Sophos ZTNA. Sophos ZTNA is fully cloud-enabled, with Sophos Central providing easy deployment, granular policy management, and insightful reporting from the cloud.
  • Sophos ZTNA Gateway will be available as a virtual appliance for a variety of platforms to secure networked applications on-premise or in the public cloud. AWS and VMware ESXi support will be available initially, closely followed by support for Azure, Hyper-V, Nutanix, and others.
  • Sophos ZTNA Client provides transparent and frictionless connectivity to controlled applications for end users based on identity and device health. It is super easy to deploy from Sophos Central, with an option to deploy alongside Intercept X with just one click or instead work standalone with any desktop AV client. It will initially support MacOS and Windows, and later Linux and mobile device platforms as well.

Sophos Central Admin

Coming soon

The early access program (EAP) for the initial version of our ZTNA solution will kick off in the next couple of weeks, so stay tuned for additional news. I hope you will all join us in test-driving Sophos ZTNA to make it the best product it can be for launch!