Sophos received the highest score for protection accuracy, legitimate accuracy, and total accuracy, noting that “Sophos Intercept X Advanced blocked all of the public and targeted attacks”.
SWGfL and Sophos
At SWGfL, we’ve been working with Sophos since April 2011 to bring these market-leading security products to schools at reduced prices.
Through our aggregated buying arrangement, SWGfL (and Phoenix Software, our partner) has provided over 350,000 Sophos licences to schools and other organisations, saving an estimated £1 million.
The two key Sophos solutions we are able to provide are:
- Sophos Endpoint Protection makes it simple to secure your Windows, Mac and Linux systems against malware and advanced threats, such as targeted attacks. This next-generation endpoint protection integrates innovative technology like malicious traffic detection with real-time threat intelligence from SophosLabs to help you prevent, detect and remediate threats with ease.
Available on-premise using the Sophos Enterprise Console, or as a cloud service through Sophos Central.
- Sophos Exploit Prevention provides additional protection from ‘zero-day’ threats, with ransomware and exploit mitigations. Stop malware, prevent exploit vulnerabilities and get a deep clean on any potentially hidden malware.
Also available on-premise or through Sophos Central.
Both are available at considerably reduced prices. To find out more, visit the SWGfL/Phoenix UK Schools Software Purchasing Portal:
On-premise or Cloud
We continue to offer both on-premise and cloud deployments for both solutions, though cloud is increasing in popularity.
Managing your security from Sophos Central means you no longer have to install or deploy servers just to get started. Sophos Central provides default policies and recommended configurations to ensure you get the most effective protection from day one.
The Exploit Prevention solution available through Sophos Central (called Intercept X) is also more powerful than the on-premise version.
The artificial intelligence built into Intercept X is a deep learning neural network, an advanced form of machine learning, that detects both known and unknown malware without relying on signatures. Deep learning makes Intercept X smarter, more scalable, and higher performing than security solutions that use traditional machine learning or signature-based detection alone.
Intercept X blocks all known ransomware on the planet. It utilizes behavioural analysis to stop never-before-seen ransomware and boot-record attacks, making it the most advanced anti-ransomware technology available.
What is Ransomware?
A type of malware where an attacker compromises a system, and demands payment to undo it.
The most common type is ‘encrypting’ (or ‘crypto’) ransomware, which replaces all of your data with encrypted versions, and encourages you to pay money to have the originals restored (which may or may not happen: these people are criminals, after all).
There’s also ‘screen lock’ (or ‘locker’) ransomware, which prevents you accessing your device, and a particularly nasty variant of encrypting ransomware that encrypts the entire hard drive, making the machine unusable.
Ransomware is often spread through infected email attachments (e.g. PDF or Microsoft Office documents) that appear legitimate at first glance. They may even seem to have originated from an email address inside your school (which is what may have happened with WannaCry).
What do Schools Need?
We’ve been discussing security issues with colleagues at Sophos, and more recently Ecclesiastical Insurance, as we both see things changing quite quickly in education.
In their March 2018 press release, Ecclesiastical research found that one in five British schools and colleges has been a victim of a cyber-attack, with 71% of schools having received some form of malware.
Having a good quality anti-virus solution, like Sophos Endpoint Protection, is fundamental. But is it as important to also have ransomware protection like Sophos Intercept X?
Even if you do have a good anti-virus solution, it is possible for new malware (or ‘zero-day’ malware, as it’s often called) to evade it.
Malware generally is a problem. It could be a bitcoin miner, which use up all of your machine’s resources; a trojan, seeking to steal your financial information; or a rootkit, which can provide an attacker with control over your machine. The anti-virus solution will usually resolve these issues fairly quickly.
However with ransomware, this approach doesn’t work. Ransomware encrypts your files, and possibly your backups too (if they’re connected to your infected machine). Removal of the ransomware may also remove the decryption process.
To protect against ransomware, a specific zero-day exploit prevention solution is needed, like Sophos Intercept X.
You can find more info and buy Sophos Intercept X here.