Johannesburg, 24 Nov 2023
Cyber security is made up of three main areas – physical, technical and human. To exercise the best practice of digital security, all three elements need to be understood and considered. Only an approach that secures all three aspects of cyber security can be effective. Ubiquitous artificial intelligence (AI) is a double-edged sword – assisting with cyber security efforts on the one hand, and potentially assisting hackers on the other hand. A balanced and forward-thinking approach to cyber security is therefore needed and, more essentially, partnership with a cyber security provider who understands the complexities is critical.
Cyber security solutions for users
Elvey Group offers partners a cyber security solution that includes the NDR Integration Pack, MDR 1-year Data Retention, MDR third-party add-on integration, ZTNA/ZTNAaaS, and the following detailed offerings:
- Intercept X
Intercept X is the industry’s most comprehensive endpoint protection and includes the options for powerful extended detection and response (XDR) and a fully managed detection and response (MDR) service.
Simple single-agent deployment, strong default protection policies and a cloud-based management platform provide a fast transition to Sophos Endpoint. Sophos Professional Services can assist customers in migrating from a competitive product if required. During the transition, the Sophos MDR Service can operate with existing endpoint security, providing improved detection and response and an increased security posture.
Extended Detection and Response (XDR): Intercept X Advanced with XDR can be classified as do-it-yourself threat hunting and detection, built on the world’s best endpoint protection. Elvey’s Sophos XDR solutions are the first to be built for security analysts and IT admins. Sophos XDR allows customers to conduct threat hunting and security operations in-house, and allows IT operations to maintain hygiene, enabling the move from reactive to proactive IT and security operations.
Protect and secure business data on personal or company-owned mobile devices. To ensure that business data is safe and personal information is private, Sophos Mobile supports BYOD environments through the Android Enterprise Work Profile and iOS User Enrolment modes of management. Deploy corporate e-mail and apps to a device and feel safe in the knowledge these remain separate from a user’s personal data, enabling productivity, without compromising security. Admins retain control over corporate content, without intruding on the users’ privacy.
- Phish Threat
The Elvey team will help you reduce your largest attack surface – your end-users. Phishing attacks have shown record growth in recent years, and a solid security awareness programme is an integral part of any defence-in-depth strategy. Sophos Phish Threat educates and tests your end-users through automated attack simulations, quality security awareness training and actionable reporting metrics. It provides you with the flexibility and customisation that your organisation needs to facilitate a positive security awareness culture.
Sophos Email uses sender authentication to verify that any message sent to a protected mailbox really comes from the sender it claims to come from. Sender authentication blocks harmful and fraudulent uses of e-mail such as phishing attacks, malicious content and spam. Sophos Email makes use of sender checks to ensure that messages are not faked or forged before they are delivered to protected mailboxes. DMARC authentication is enabled by default in the Sophos Email security base policy.
Stop malware: The danger with phishing is not the e-mail itself, but what it gets people to do. Phishing e-mails often include malicious links, and malware attackers try to trick you into activating these links. Sophos Email Time-of-Click URL rewriting analyses all URLs as they are clicked, to block or warn users of risks, while the Sophos cloud sandbox accurately analyses all files using multi-layered analysis and state-of-the-art machine learning models. This ensures the latest zero-day and unknown malware threats and PUA are blocked in minutes.
Post-delivery protection: E-mail protection should continue to monitor messages once in the inbox. Safe URLs can be redirected to malicious ones, and malware can be inserted in previously safe sites. Sophos Email’s Search and Destroy API connection identifies these changes to threat levels automatically and removes malicious URLs and the messages for Microsoft 365 users. Messages identified by Search and Destroy can be viewed in your post-delivery quarantine summary.
- E-mail – Portal Encryption
Portal Encryption has several beneficial features:
- Flexible policy control allows organisations to encrypt all outbound messages sent to a set list of recipient addresses and domains.
- Send secure messages fast using the O365 add-in buttons for PC and Mac, or by adding the organisation’s custom subject line tag to the message ie: “Secure: ***”.
- Manage encrypted messages from the Sophos Secure Message portal, enabling recipients to view, reply and add attachments securely.
- First-time recipients receive a notification e-mail containing a link to the Sophos Secure Message portal, where they can quickly set up a Sophos Secure Message account.
- The account can only be used for e-mails within the region that the original encrypted e-mail came from. If users receive an encrypted e-mail from another region, they must set up another account.
- Device encryption
This full disk encryption is your first line of defence:
- Secure devices and data – full disk encryption for Windows and macOS.
- Intuitive – easy to set up, easy to manage. Start securing devices in minutes.
- Compliance – verify device encryption status and demonstrate compliance.
- NDR integration pack – Central network detection and response
The Sophos Network Detection and Response (NDR) virtual appliance monitors network traffic to identify suspicious network flows. It is an add-on integration to the Sophos Managed Detection and Response (MDR) service.
- MDR one-year data retention, central data storage pack
Sophos MDR data retention for devices is 90 days. A one-year add-on licence is available for data that needs to be retained for longer periods.
- MDR third-party add-on integration
Central Firewall Integration Pack: Sophos integration packs permit the collection of security data from non-Sophos products to expand visibility to detect and respond to more threats faster. With each additional data source, analysts understand more about suspicious activity taking place beyond the endpoint. The Firewall Integration Pack includes support for a range of third-party firewalls. It is an add-on to the Sophos Managed Detection and Response (MDR) service.
Central Email Integration Pack: Sophos integration packs permit the collection of security data from non-Sophos products to expand visibility to detect and respond to more threats faster. With each additional data source, analysts understand more about suspicious activity taking place beyond the endpoint. The Email Integration Pack includes support for a range of third-party e-mail services. It is an add-on to the Sophos Managed Detection and Response (MDR) service.
Central Public Cloud Integration Pack: Sophos integration packs permit the collection of security data from non-Sophos products to expand visibility to detect and respond to more threats faster. With each additional data source, analysts understand more about suspicious activity taking place beyond the endpoint. The Public Cloud Integration Pack includes support for a range of cloud services. It is an add-on to the Sophos Managed Detection and Response (MDR) service.
- ZTNA/ZTNAaaS; central zero trust network access
ZTNA (zero trust network access) securely connects users to applications and is the ideal replacement for remote access VPN. It is cloud-delivered and cloud-managed from Sophos Central and protects private applications in your data centre or public cloud. ZTNA provides agentless access to private web applications and a ZTNA agent for 'thick' private application access, eg, RDP, SSH, etc. Included are central management, reporting and unlimited ZTNA gateways.
“The Elvey Group enables partners to merge the physical security aspect with cyber security to empower their customers with protection against cyber attacks. Partners can now offer their customers additional services as a security operations centre (SOC) for internal or outsourced IT teams to deploy cyber security solutions that work effectively and efficiently,” says Charleen Rheeder, Product Manager and Shared Service Support at the Elvey Group. For more information, contact Elvey, (+27) 011 401 6700, firstname.lastname@example.org, www.elvey.co.za.