Businesses can accelerate compliance with EU General Data Protection Regulation (GDPR), HIPAA and other required data privacy standards
Sophos has announced Sophos SafeGuard Encryption 8, a new synchronized encryption solution that protects data against theft from malware, attackers or accidental leaks. All organizations can now choose to adopt the best practice of “always-on” file-level encryption to protect data accessed from mobile devices, laptops, desktops, on-prem networks and cloud-based file sharing applications. Sophos is the first vendor to provide persistent, transparent and proactive encryption that protects files across Windows, Mac, iOS or Android platforms by default.
Until now, the management and adoption of encryption has been viewed as too complex and is not uniformly adopted. According to the Sophos survey, The State of Encryption Today[1], only 29 percent of IT managers said they always encrypt smartphones and only 43 percent of Macs, leaving high levels of exposure across an organization.
“Full disk encryption alone only protects data in the event of the theft or loss of a laptop or mobile device. But data travels everywhere – it’s vulnerable and extremely difficult to protect consistently when shared and opened from multiple devices and cloud-based collaboration applications,” said Dan Schiappa, senior vice president and general manager, Enduser Security Group, Sophos. “We’ve completely re-imagined SafeGuard Encryption 8 to encrypt each individual file by default and continuously validate users, applications and devices for secure collaboration. We also provide password protected files, allowing users to share encrypted files with external recipients. When data security is simple and transparent, end users are more likely to accept it, making your whole business more secure and more likely to stay compliant.”
Comprehensive, manageable encryption should be high on the agenda for all IT leaders as they reassess data protection strategies to meet new legislation requirements. The European Union’s (EU) General Data Protection Regulation (GDPR) comes into effect on May 25, 2018, when all companies holding customer or employee data of EU citizens will face severe financial penalties of up to 4 percent of annual worldwide revenue if they suffer a data breach. This includes companies that are not necessarily based in the EU, but hold EU citizen data.
“Data privacy legislation is being introduced all over the world, and organizations of every size should review their data protection measures before they face increased consequences. Every company that conducts business in countries that have data privacy laws must comply with those local regulations,” said Schiappa. “Encryption is widely agreed to be the best security measure available. Having Sophos SafeGuard Encryption can be an easy-to-manage, best practice step for any global business that needs to protect sensitive and proprietary information ormaintain compliance with legislation.”
As part of Sophos’ synchronized security strategy, Sophos SafeGuard Encryption can respond automatically to threat incidents from connected endpoint protection. During an active infection, Sophos SafeGuard Encryption can temporarily revoke encryption keys to protect data, and users can automatically get those keys back after the incident is resolved. Sophos SafeGuard Encryption also synchronizes keys with Sophos Mobile Control, which seamlessly secures file access rights on smartphones and tablets. Even encrypted documents can be accessed securely within the application’s Secure Work Space feature.
“There are four key reasons businesses need to consider encryption. The first and most important is protection for sensitive data against hacking and data breaches. The second is unintended disclosure. People leave mobile phones and USB sticks in the back of taxis and accidentally email documents to the wrong person all the time, exposing files and other private information. Thirdly, encryption helps companies comply with regulation such as the GDPR, mitigating potentially huge fines. Lastly, the migration to cloud-based services presents a security issue, and encryption can help companies protect data that may be vulnerable,” said Duncan Brown, research director, European security practice, IDC. “In order for encryption to be effective in these four scenarios, it has to be easy for an IT admin to manage, transparent to users and work with multiple platforms and file types. Sophos does all of this within SafeGuard Encryption, allowing companies to quickly adopt encryption as a necessary security measure.”