Sophos, the leader of next-generation cybersecurity, introduced Sophos ZTNA, a Zero Trust Network Access solution integrated with the industry-leading next-generation endpoint security product, Sophos Intercept X. Sophos ZTNA offers an easy, transparent and scalable security approach that can better protect users and devices against ransomware and other advanced cyberthreats while accessing apps and data.
Sophos also shared the results of its research titled “Windows Services Lay the Groundwork for a Midas Ransomware Attack”, which sheds light on the importance of ZTNA. The research describes how attackers remained undetected on target networks for about two months by taking advantage of limited access controls and limited network and application separation, gaps that the ZTNA approach can protect against. It shows that before activating the Midas ransomware, the attackers took advantage of obsolete “ghost” remote access tools to move between systems, target different machines, create new accounts, open backdoors and leak data.
Sophos Adaptive Cybersecurity Ecosystem Gets Richer
Sophos ZTNA eliminates management challenges by integrating with Sophos Intercept X, alongside Sophos Extended Detection and Response (XDR), Sophos Managed Threat Response, and other security solutions that incorporate this technology. This provides end-to-end protection for endpoints, users, user identities, applications and networks. As part of the Sophos Adaptive Cybersecurity Ecosystem, Sophos ZTNA automatically responds to threats by sharing real-time threat intelligence with other security solutions. Working together, the solutions can better identify active threats, assess device health, and quickly isolate compromised and non-compliant devices.
“Remote desktop and many traditional remote access solutions, such as IPsec and SSL-VPN, have strong encryption. However, they offer little protection against modern threats. Today, attackers are increasingly taking advantage of these limitations; they can access their targeted networks,” said Joe Levy, Technology and Product Lead, Sophos. “We see them use credentials from RDP and VPNs to gain access and move freely once inside, causing costly data theft and ransomware attacks. Employees, applications, devices, and data are no longer limited to offices. To secure this messy structure, we see ZTNA embodies this in a practical, easy-to-use way, so users can securely access only the resources they need.”
Cybercriminals’ Foothold Is Shrinking
Sophos ZTNA microsegments networks to protect against intrusion, lateral movement and data theft. It continuously verifies user identities in multiple ways and checks device health, providing tighter access controls for users and therefore less foothold for cybercriminals. Unlike VPNs, which grant wide network access, Sophos ZTNA removes unconditional trust and only allows users to access certain applications and systems on the network. By trusting nothing and verifying everything, Sophos ZTNA improves protection, simplifies security management for IT administrators and creates a seamless experience for remote workers.
Stating that the future of work will be hybrid and that this will require the protection of remote workers, remote data and applications, Christopher Rodriguez, Research Director for Network Security Products at IDC, said, “Sophos ZTNA integrates ZTNA with endpoint protection to provide company resources from any device, at any time and from any location. Trust is a key factor in today’s business world. This requires critical security controls to protect against business-impacting events like ransomware and data security.”
Availability
Sophos ZTNA is available for purchase through Sophos’ global channel partners. Through the cloud-based Sophos Central platform, partners and customers can install and control Sophos ZTNA, among other solutions, from a single intuitive interface, respond to alerts, and track licenses and upcoming renewal dates.