Sophos Adds Data Loss Prevention Technology To Endpoint Suite

Sophos has bundled content-aware data loss prevention (DLP) software into its Sophos Endpoint Security and Data Protection product suite, in what it is calling a “game changing” move for the technology.

This means, says Sophos, that businesses can now use a single agent to protect against data loss, secure their networks against malware, adware, suspicious files and behaviour, as well as control unauthorised devices and applications. And for those organisations seeking to meet the compliance regulations, the Endpoint product also now has a compliance tick box which provides full encryption for hard disks and removable storage.

Speaking to eWEEK Europe, John Shaw, vice president of endpoint security at Sophos explained that version 9 of Sophos Endpoint Security and Data Protection product suite is a huge release for the company.

“We have changed the game here,” Shaw said. “We are the first antivirus vendor to do what the analysts have been saying for a while now, which is to get antivirus software to do the DLP. We have brought DLP within reach of most organisations.”

According to Shaw, the Sophos Endpoint Security and Data Protection product suite is software that is traditionally aimed at the antivirus price range, but that it does a lot more than antivirus stuff now.

“Over last few years we have been adding lot more new things (to Endpoint Security and Data Protection), without charging much more money,” he said. “So it does antivirus, signature and proactive protection, as well as host intrusion prevention. It also includes anti adware or anti spyware, and includes application controlling, i.e. the ability to prevent users from installing certain type of software (Skype etc). The IT administrator can also set up a policy that says that users can only use IE7, not Firefox or Chrome for example.”

Sophos Endpoint Security and Data Protection also offers device control (such as USB keys), and also has network access control and full disk encryption (entire disk encryption or whole USB key, or just the files that go onto it.). Shaw says the encryption side is mainly used for encryption of laptop disk drives so that data is not compromised if the laptop is lost or stolen.

Shaw also said the new version features enhanced applications control (they have added categories to application it can block), and enhanced the device control (they have made it much richer and fully featured).

But the main talking point is the data loss prevention technology.

“It is complimentary to the encryption,” explained Shaw. “With DLP, it looks inside the files for particular content. We can see if a file contains lots of addresses, credit card details, bank details etc. For example, we can see if a file has more than 10 credit card numbers and we can take action if the file is attached to an email. We can either stop it or pop a message to the user asking them if they are aware the file contains so many credit card details, for example.”

“The IT manager sets the policy, but we provide default rules and they they choose to turn on the default rules, or edit them,” said Shaw. “It scans intelligently, and does what our anti malware software already does. Basically, we are extending what we are already doing, looking inside the document to look for credit card numbers for example.”

“It really is game changing, as sure other vendors have DLP, but everyone else has done new software, so it becomes very expensive,” Shaw said. “We have just added to our existing software.”

As Sophos operates a subscription license, existing customers will automatically get the new functionality. Pricing for new users costs starts at £20.75 per user for a 500 seat licence.