Network and endpoint security leader Sophos announced that its next-generation anti-ransomware CryptoGuard technology is now available with the company’s Server Protection product suite.
In September 2016, Sophos launched the Intercept X with CryptoGuard which stops spontaneous data encryption by ransomware within seconds of detection. Now, the company brings the technology to the Sophos Server Protection which now has signature-less detection capabilities to tackle ransomware.
CryptoGuard allows Sophos to prevent ransomware attacks coming from rogue, guest or remote access points among other potential breach points in a company’s network. These include organization policies that allow employees to bring their own devices to connect to the network, or those that allow remote access from private home networks or public networks like those in airports or coffee shops. These render networks highly susceptible to ransomware attacks.
Network sharing on servers become high-value targets due to the potentially sensitive information within shared files such as proprietary financial statements, personally identifiable information and other crucial data.
“Servers are considered the jackpot for cybercriminals, since they can store confidential corporate and employee information, medical records with social security numbers or private customer documents. It would be devastating for organisations to lose this kind of sensitive data to ransomware,” said Sophos’ Enduser and Network Security Groups senior vice president and general manager Dan Schiappa.
Apart from Server Protection, Sophos expanded its Synchronised Security line by adding Security Heartbeat capabilities to the company’s Central Server Protection Advanced suite. An IT administrator is now able to leverage the XG Firewall to isolate infected servers and endpoints, identify the compromised element, and take the appropriate action much faster.
Central Server Protection also includes Malicious Traffic Detection which monitors traffic and whitelists applications with a one-click server lockdown, preventing unauthorised applications from running.