Are you up to date with PCI DSS version 3.0? Here’s what you should know to stay compliant

pci_version_3The Payment Card Industry Data Security Standard (PCI DSS) has been updated to version 3.0. If you’re a compliance officer, or concerned about keeping up with the data security standards, we can tell you what you need to know.

John Shier, Sophos senior security expert, does a great job explaining how the standards are evolving to keep pace with the security threats companies face. We encourage you to read John’s article covering the latest changes in PCI DSS version 3.0 – it’s a quick read and a good overview.

Continue reading

Sophos Mobile Encryption 2.2 released – Free file encryption app for Android and iOS

sophos-mobile-encryption-2-2Sophos Mobile Encryption version 2.2 is out — the newest update of our free file encryption app for Android smartphones and tablets and iOS devices.

Sophos Mobile Encryption gives you an easy way to encrypt and decrypt files, right on your mobile device. Encrypt files handed over by other apps, upload encrypted files to your cloud storage providers, or store them securely in local storage within the app.

Download the Sophos Mobile Encryption app from Google Play for Android, or from iTunes for iOS devices (iPhones, iPod Touches and iPads).

Continue reading

Sophos news in review: Counting down XP, Snow Leopard snubbed, and April Fools’ Day trickery

Sophos-in-the-newsThis week marked the start of a new fiscal year for Sophos, and we ended the last year on a really high note. We also have big plans and some exciting news to announce in the coming weeks.

With the happy arrival of spring after a long and weary winter, our co-workers and friends in the UK celebrated April Fools’ Day with a really good joke.

Windows XP is coming up on its final security patch on Tuesday 8 April, so we decided to count down to XP’s demise — but not using the number of days you might expect. And Apple proved once again that its days of providing security fixes for OS X 10.6 Snow Leopard are over.

Continue reading

Gartner report helps SMBs assess options for managing and securing mobile devices

logo_100x100_gartnerSmaller businesses are quickly adopting mobile technologies in order to enjoy the same flexibility and productivity enhancements mobile devices provide large enterprises. But there’s a dilemma: smaller businesses do not have the same resources bigger ones can tap into for managing and protecting mobile devices.

A new report published by analyst firm Gartner, Inc. highlights the challenges facing small and mid-sized businesses (SMBs) in managing today’s mobile workforce within their budgets and staffing levels.

The report, titled The Six Pain Points of Managing Mobile Devices for Small or Midsize Businesses, describes how SMBs can navigate these difficulties with an effective, affordable, and easy-to-manage MDM system.

Continue reading

What is phishing? Anatomy of a phishing attack plus five security tips (Video)

phishing-emailsPhishing is one of the most effective means for cyber crooks to get around your security to steal sensitive information, usually in the form of an email that imitates real communications from trusted sources like banks, social media websites and delivery companies.

If you’ve ever come across a suspicious email promising you great deals or free money, you hopefully know to stay away. But sometimes a cybercriminal might manage to trick you into giving away your passwords to sensitive websites.

Phishing is a problem that won’t go away. But you can train yourself to look for giveaways that will tell you if you’ve visited a phishing website by mistake. Check out our five security tips to stay safe from phishing. Plus, watch our short video explaining how a secure web gateway can protect you and your business from phishing attacks.

Continue reading

Sophos in the news: Microsoft Word zero-day, email privacy, and data encryption (Video and Podcast)

Sophos-in-the-newsThis week we had several more reminders that our data is only as secure as we make it, because we sure can’t rely on others to secure our data for us. Plus, we talked about encryption as the only way to make sure your data isn’t being seen by snoops.

In security news, a new zero-day threat caused Microsoft to issue a security alert and a short-term fix for a vulnerability in Word that was being exploited in targeted attacks.

On the privacy front, meanwhile, Google and Microsoft were fighting back and forth about who has the most secure free webmail.

Continue reading

How to manage native encryption on Macs and Windows PCs (Video)

Smile, you're on CCTVEncryption is a hot topic in the news these days, with ongoing revelations of spying by the U.S. National Security Agency (NSA). Organizations including Facebook, Microsoft, Yahoo and Google have pledged to encrypt users’ data in transit to prevent the NSA — or anyone else — from reading your emails or chats.

Unfortunately, these companies don’t provide complete end-to-end encryption, and there are many loopholes the NSA, or cybercriminals, can slip through.

That’s why an encryption solution that protects data everywhere — in emails, on disk, or in the cloud — is essential. In this short video (embedded below), we explain how you can get security and performance; plus how you can manage native encryption on Macs and Windows PCs, while also protecting data everywhere it resides.

Continue reading

How to protect your virtual machines from malware, without hurting performance

Virtual-machinesVirtual machines — whether running on VMware ESXi, Citrix Xen, or Microsoft Hyper-V — create an interesting security challenge. On one hand, they’re every bit as susceptible to malware and other threats as conventional systems. On the other hand, traditional antivirus software doesn’t always play nicely with dynamic, highly consolidated virtual environments.

In particular, the overhead of running multiple concurrent antivirus scanners on a single host can affect performance and scalability. Meanwhile, the constant starting, stopping, and cloning of virtual machines can leave systems unprotected.

A new Sophos whitepaper explores these challenges and presents two effective approaches to securing your virtual machines without sacrificing performance: agentless antivirus and virtualization-optimized endpoint security.

Continue reading

Sophos simplifies subscriptions and lifecycle for endpoint products

sophos-cloudIn order to make our endpoint products even easier to use, we have simplified the subscriptions in our on-premise management console (SEC) to make using Sophos engineering more efficient. Now, we will no longer be releasing all of our endpoint products together on a monthly basis.

Instead, we are separating the product and security updates and will deliver Windows, Mac and Linux individually, with more frequent security data updates, and less frequent software changes.

We’re sending more direct communications to our customers and partners over the coming weeks. In the meantime, you can take a look at a new set of knowledgebase articles that explain the changes and how things will work from now on.

Continue reading

Webcast shows you how to protect data everywhere with SafeGuard Enterprise 6.1

SafeGuard-EnterpriseToday’s compliance regulations require you to encrypt your data at rest and in motion — whether it’s on a laptop, in an email, stored on a USB drive, or being accessed in the cloud. And yet, 80% of mid-sized companies aren’t even encrypting laptops for fear of slowing down users. All of them should be looking at an encryption solution that protects data everywhere — and won’t hurt performance.

Join Sophos security expert Alan Phillips to learn how you can protect your data with SafeGuard Enterprise — without impacting productivity. Watch the replay below of our quick and informative webcast to see a live demo of the newly released SafeGuard Enterprise 6.1 that delivers encryption without compromise.

Continue reading