Media Releases

Sophos launches advanced email protection solution

SophosLabs research discovered that 75 percent of malware in an organization is unique to that organization which indicates the majority of attacks are zero-day

Sophos Jul 05th 2018
email.jpg

Sophos, a global player in network and endpoint security, announced Sophos Email Advanced, the first email protection solution to offer predictive security with active threat protection (ATP), anti-phishing email authentication, and outbound scanning and policy support.

SophosLabs research discovered that 75 percent of malware in an organization is unique to that organization which indicates the majority of attacks are zero-day. The only way to combat that is with the deep learning neural network that is integrated into the Sophos Email sandboxing technology to quickly identify never-before-seen malicious files sent in email.
Email continues to be a primary attack vector for cybercriminals to launch a spear-phishing, localized or ‘spray and pray’ campaign. Sophos processes data from more than ten million inboxes protected by Sophos Email every day. Approximately 80 percent of the emails categorized as spam are found to have a malicious payload. As we’ve seen over the past few years, email is also the primary method used to spread ransomware.

A recent study by Sophos showed that more than 50 percent of organizations worldwide have suffered a ransomware attack in the last 12 months. Sophos Email Advanced includes CryptoGuard technology in the sandbox to stop ransomware before it makes it to your employee’s inboxes. Another primary defence against ransomware and phishing attacks is Time-of-Click protection, which scans the URL at the time of click, preventing stealthy and delayed attacks. Outbound scanning and multiple policy support can prevent a compromised organization from unintentionally forwarding malware or sending spam out to customers or partners, reducing the community impact of an attack and protecting an organization’s reputation.

“Ransomware-As-A-Service (RaaS) and packaged malware kits have made it easier for cybercriminals to customize and deliver more complex, targeted attacks through email. It is expected that business and consumer emails will 319.6 billion per day by the end of 2021. As malware attacks from emails become more effective, it is important for organizations to put in place a robust IT security infrastructure to protect against threats. According to the Phishing Temperature Check report conducted by Sophos along with Freeform Dynamics in association with The A Register, 41 percent of IT pros report daily phishing attacks and 66 percent of malware was installed via malicious email attachments, which is a testimony to the urgent need of email security in organisations. As a result creating a culture of security and data protection awareness has risen in priority with the greater risk of email born ransomware and the introduction of new legislation such as GDPR.” said Sunil Sharma, managing director Sales at Sophos India & SAARC
 
He further added, “IT needs smarter, predictive security to detect and stop today’s threats. Managed simply via our cloud based management tool Sophos Central, Sophos Email Advanced can deliver the highest levels of protection to secure any email platform, allowing every user to trust their inbox again.”

When managed through the Sophos Central management platform, Sophos Email is a key pillar of an integrated data protection system for the end user. IT professionals can manage Intercept X endpoint protection alongside Sophos Email Advanced and Phish Threat user awareness training, providing a stronger defence to detect and block threats, and train users against being the weakest link in their security strategy. Threat data from Sophos Email Advanced can enhance Synchronized Security intelligence and contribute to the overall community intelligence within SophosLabs.

Sophos customers and partners that participated in the early access program for Sophos Email Advanced said,
“We have seen first-hand that Sophos Email Advanced can stop malware that could previously penetrate systems easily. Through the beta program, we found Sophos Email Advanced is highly effective in reducing the amount of spam that could reach end users and this solution is effortlessly managed within Sophos Central,” states Enedel Rivera, service desk supervisor, Lanspeed.

“We work hard to stay current on the latest security technology, especially with the ever-evolving threat landscape. As a Sophos partner, we are continually impressed by the product roadmap and consistent solution improvements. Sophos Email Advanced is highly effective in stopping even the most advanced malware and reducing the amount of spam reaching end users. We look forward to offering Sophos Email Advanced to our clients, where email protection can be seamlessly managed within Sophos Central,” adds Gavin Wood, technical director, Chess ICT.

New features in Sophos Email include:
Active Threat Protection (ATP)
•         Sophos Sandstorm cloud sandbox and advanced URL protection 
•         Artificial intelligence built into Sophos Email sandboxing is able to detect and block unknown malware.
•         Time-of-Click advanced URL protection checks the website reputation or email links before delivery and at the time you click –blocking stealthy, delayed attacks
•         Time-of-Click advanced URL protection checks the website reputation or email links before delivery and at the time you click –blocking stealthy, delayed attacks
 
Anti-Phishing Email Authentication
•         Combination of SPF, DKIM, and DMARC authentication techniques and email header analysis
•         Sender Policy Framework (SPF) to declare and verify who can send e-mails from a given domain
•         Domain Keys Identified Mail (DKIM) e-mail authentication system based on asymmetric cryptographic keys
•         Domain Message Authentication Reporting & Conformance (DMARC) to determine what to do when messages fail SPF or DKIM checks
 
Outbound Scanning and Multi-Policy Support
•         Spam and virus scanning of outbound email scans to prevent unintended distribution of threats and protect reputation
•         Customized security policies can be created for individuals, groups or the whole domain in minutes
 
Deployment and Data Processing Location Options
•         Available through Sophos Central cloud-based management platform
•         Sophos Secure Email Gateways can be deployed as an on-premise appliance or within the newest version of the Sophos XG Firewall
•         Message processing centers in Ireland, USA, and Germany
•         Sophos Sandstorm locations in Ireland, USA, and Japan