Dropbox accounts breached – is your data safe in the public cloud?

dropboxDropbox usernames and passwords were leaked online this week. It’s the latest in a string of recent data breaches involving compromises of third-party websites that take advantage of password re-use to get at users’ accounts on multiple services.

In 2014 alone, millions have had their private information and passwords compromised, leading to what some are calling data breach “fatigue.”

Dropbox was quick to respond, denying a breach on their end while urging their users to enable tighter password security measures.

Continue reading

Sophos Mobile Control among products that “lead the pack” – Sophos cited as a Leader in enterprise mobility management analysis

forrester-150Sophos was among the select companies that Forrester Research, Inc. invited to participate in its report, The Forrester Wave™: Enterprise Mobile Management, Q3 2014. In this evaluation, we were cited as a leader in enterprise mobile management (EMM).

Each of the vendor products evaluated, including our EMM product Sophos Mobile Control, has a large install base, more than $10 million in revenue in 2013, and significant enterprise interest.

Sophos Mobile Control (SMC) received the highest possible rating in the categories of Architecture and scale; Email and directory support; Employee experience; Support; Training; and Partners. Sophos earned the top ranking among all evaluated vendors in Employee experience.

Continue reading

Invitation to a “Privacy After Hours” evening

privacy-after-hours-150On Thursday, October 23rd there will be casual social meetings in numerous cities around the world to discuss an issue that’s on a lot of people’s minds these days — privacy.

Anyone interested in privacy matters is welcome to come for the discussion, or simply to relax and get to know other people with practical or personal involvements in privacy issues.


These Privacy After Hours events are being organised by members of the International Association of Privacy Professionals (IAPP). There is typically no formal structure, just an evening with some new friends.

Continue reading

How to set up Dynamic Host Configuration Protocol (DHCP) on your UTM

firewall-150Last time we talked about how to set up your firewall. This week we’ll continue looking at some other things that happen in the background but that you can also control and benefit from.

When you set up the UTM for the first time you may have chosen not to enable DHCP, or Dynamic Host Configuration Protocol. You may have chosen not to enable it because you already have a DHCP server on your network or you just don’t know what it is.

In layman’s terms, a DHCP server manages the handing out of IP addresses to devices as they come and go on your network.

Continue reading

What is Shellshock? This infographic explains how a Shellshock attack works and how to stay safe

Bash-Shellshock-150Shellshock, a serious vulnerability affecting Linux, UNIX and OS X computers, is making life difficult for IT admins, as vendors rush out patches to stay ahead of the cybercriminals trying to exploit this bug.

Like the Heartbleed bug in OpenSSL, Shellshock has a nasty-sounding name, far-reaching impact, and major consequences for security. Yet Shellshock is worse than Heartbleed in one important way — it could allow an attacker to take complete control of vulnerable machines.

If you’re looking for a little tutorial on Shellshock, we’ve created a simple infographic to explain the bug, how an attacker might exploit it, and what you can do to stay safe.

Continue reading

With EU Data Protection Regulation on the horizon, will companies be ready?

European-Union-150European businesses are not prepared to meet regulatory requirements outlined in the EU Data Protection Regulation, due to be enacted by the EU parliament in 2015. That’s the story told by a survey of 1,500 office workers in the UK, France and Germany, conducted by Sophos.

Although a large majority of poll respondents (84%) agree that stricter data protection requirements are needed, most lack confidence that their employers are compliant (77%), and many do not know what type of data protection their companies currently have in place.

During a roundtable discussion about the survey, our security experts talked about the current state of data protection and how the new requirements might impact businesses.

Continue reading