We’ve got
the UK covered
Be Better Together
IT security for Local Government and
the Emergency Services
Do more with less
To find out more visit:
Putting a price on
peace of mind
IT security has arguably become a story focused on cost
versus quality.
A focus on cost
Cost in the public sector is obviously impacted by directives to reduce spending, and despite a strong economic recovery since mid-2013 Britain has still to reach the
halfway point of the planned austerity push. According to the Institute of Fiscal Studies, unprotected departmental spending areas have on average suffered cuts of nearly 20%. Budgets today simply need to go further, and with IT being one of the areas of greatest expense it is also a tempting target for stripping out cost.
Every new deal or renewal is therefore under the microscope, as organisations unsurprisingly look for the cheapest options available that still offer the same quality of service. Then there are the management activities that also come with an associated cost in the form of the resources and time needed to complete them. These can range from the hours spent meeting with suppliers to those involved in updating systems and conducting user training.
Meeting aggressive targets – the ‘thrust to cut’ – means taking a comprehensive and integrated view of both upfront costs and the total cost of ownership.
A focus on quality
Quality remains a far more static concept, as no organisation can afford to expose its IT infrastructure to the threat of attack or an embarrassing data breach. Equally, this need to avoid the loss of sensitive information is matched by the requirement to expand security outside traditional boundaries to embrace shared and remote working. Front line services have increasingly become defined by the diverse set of workstations and mobile device platforms used to deliver them – the ‘endpoints’ that routinely access data stored in the network, in the cloud, and on the devices themselves. Yet at the same time these assets are being exposed to an interconnected environment outside the limits of traditional IT security.
So what options exist for IT and procurement teams? Can tough government cost cutting targets be achieved without leaving systems and devices open to attack?
In search of the
answer
“With job cuts, how can
I become even more
efficient?”
“How can I make
consolidation work?”
“How can I justify any
decision to change our IT
security supplier?”
“How can I make the most
of the Public Services
Network?”
“Can I afford to embrace
BYOD?”
“Can we procure
technologies that
actually reduce training
requirements?”
“How can I afford to
deliver effective end user
protection?”
“Is there a way to join with
other authorities to extend
the budget?”
“Is there a way to cut the
overhead of having to
manage so many different
technologies?”
“With so many suppliers,
are we buying capabilities
that already exist?”
Pressing
questions for
IT
?
?
Pressing
questions for
Procurement
We’ve got you
covered
For the UK Public Sector, Sophos is dedicated to one
core mission: delivering the most cost effective way
for you to secure and control your IT infrastructure
and data.
As a UK-founded supplier of IT security, we have an unrivalled understanding of the threat landscape facing Local Government, Police, Fire and Rescue Services. This knowledge is incorporated into the complete range of network, antivirus, email, server, web and mobile security products we offer – technologies that are as simple to deploy, as they are to work with.
Based on these solutions, we can offer you three commitments that relate to cost, quality and credentials:
We’ll help you meet your cost cutting
targets – without compromising quality
When it comes to reducing the cost and complexity of your IT security, consolidation is a good place to start. This is the move from multiple vendors and products to one single solution, which as we’ve found with other customers in the UK Public Sector can typically lead to cost savings of 35-40%. Savings are achieved by reducing the costs of licensing, managing and supporting the security solution, thereby significantly lowering the total cost of ownership.
From a quality perspective, this approach also enables you to replace multiple point solutions that have grown together over time in response to evolving threats and legislation. Such organic growth has been necessary to defend against a growing cyber threat, but it can also create a wide array of technologies that are far from complementary – and at times offer comparative functionality.
With consolidation, this assortment of licenses and products is instead replaced by a single source for updates, upgrades and support. This is particularly important as new requirements are added to the mix of necessary security expenditures, including data loss prevention, policy-based encryption and web threat protection. What’s more, the integrated threat management solutions from Sophos are tightly engineered to work together, backed up by our capabilities for constantly monitoring new threats, and world class 24/7 support.
We’ll help reduce your administrative
burden, to save money and allow you to
work even smarter
While reducing cost is one of the main drivers behind consolidation, simplified security management is another key consideration. Indeed, easier management leads directly to the ‘soft’ savings associated with greater efficiency: a significant reduction in the hours needed to administer the system, and more productive users.
Easier management is at the heart of the Sophos approach to security. We can help you move from a multi-vendor infrastructure to a consolidated solution, which means your IT team only has the one set of tools to become proficient with. This unified set of products is also backed up by a single support organisation – so no more time spent navigating multiple software licenses and service contracts when you need assistance.
In addition, with Sophos you’ll have better visibility of network activity, more centralised reporting, and automated capabilities for preventing, detecting and remediating threats across your entire system – so you really can focus on other activities. The result: fewer employee hours required to manage fewer tasks, simple and fast training for new staff, and one familiar and inclusive interface.
With our experience it doesn’t take us long
to move from talking to delivering
When it comes to understanding the raft of legislative and regulatory standards you have to operate within, and the budgetary and performance constraints that exist, experience really does count. That’s why at Sophos
we’re proud to state that our customer list for the Public Sector includes 55% of Local Government, 60% of Police Forces in England and Wales, and 35% of Fire and Rescue Services.
We’re also a UK-based company, and maintain open dialogue with our customers to identify where and how we can enhance our offering to meet the real security needs of Local Government. This knowledge also influences our approach to deployment. With deep, hard won experience of challenge and opportunity, Sophos knows exactly how to get your network security up and running fast and effectively.
2:
3:
Protecting end user devices and data
At Sophos our approach to building security for the Public Sector is anchored by three core beliefs:
1] Security must be comprehensive – and the solution must include all the capabilities required to satisfy your specific needs.
2] Security can be made simple – with simplicity intrinsic to the solution, including deployment, management, licensing, support, and the overall user experience.
3] Security is more effective as a system – because new possibilities emerge when technology components communicate and cooperate, instead of each functioning in isolation.
Next-Generation Enduser Protection is Sophos’ vision of applying these principles to deliver better security for end user devices and data through the integration of endpoint, mobile, and encryption technologies.
Unified threat management from Sophos
To consolidate your IT security with Sophos is to gain access to the latest firewall protection plus features you can’t get anywhere else – including mobile, web, data loss prevention and Next-Generation Enduser Protection. No extra hardware. No extra cost. Simply choose what you want to deploy.
Network Protection:
No compromise performance and security
All the protection you need to stop sophisticated attacks and advanced threats while providing secure network access to those you trust.
Features include:
• Network Firewall
• Intrusion Prevention System • Advanced Threat Protection • Secure VPN Access
• Site-to-Site VPN
Endpoint Protection:
Centrally managed endpoint antivirus
Extend protection to your Windows desktops and laptops with antivirus, device, and web control all on one license.
Features include:
• Single Console Management • Easy Deployment
• Antivirus and Malware Protection • Device Control
• Web in Endpoint
Web Protection:
Ensure safe and productive web use
Comprehensive protection from the latest web threats and powerful policy tools to ensure your users are secure and productive online.
Features include:
• Web Malware Protection • URL Filtering Policies
• SafeSearch, YouTube, and Google Apps • HTTPS Scanning
• Layer-7 Application Control
Email Protection:
Secure against spam, phishing and data loss
Full SMTP and POP message protection from spam, phishing and data loss with our unique all-in-one protection.
Features include:
• SPX Email Encryption
• Standards-Based Encryption • Data Loss Prevention
• Live Anti-Spam
Mobile Protection:
Secure devices, content and applications
Manage your mobile devices, content, applications, and email, in addition to integrated antivirus, anti-malware and web filtering.
Features include:
• Mobile Content Management • Mobile Device Management • Mobile Application Management • Mobile Email Management
• Integrated Security for Android Devices
SafeGuard Encryption:
Protect your servers and
web applications
Harden your web servers and Microsoft Enterprise Applications against hacking attempts while providing secure access to users.
Features include:
• Web Application Firewall • Server Hardening
• Reverse Proxy Authentication • Anti-virus Scanning
• SSL Offloading
Sophos Reference Architecture
AT HOME AND ON THE MOVE
Reputation Data * Active Protection SophosLabs Correlated Intelligence * Content Classification
REMOTE OFFICE 1 Endpoint Security SafeGuard Encryption Mobile Control Mobile Control Secure Wi-Fi Secure VPN RED Secure VPN Client HEADQUARTERS Endpoint Security SafeGuard Encryption Mobile Control Administration
Secure Wi-Fi NextGen Firewall
UTM NextGen Firewall Secure Web Gateway Secure Email Gateway Web Application Firewall Endpoint Security
SafeGuard Encryption
SOPHOS CLOUD
Endpoint Security
SafeGuard Encryption Mobile Control
Secure Wi-Fi
Secure Web
Gateway Secure EmailGateway
V
Web Application Firewall
Network Storage Antivirus Server Security
Guest Wi-Fi
REMOTE OFFICE 2
Introducing: Next-Generation Enduser Protection
Next-Generation Enduser Protection represents a fundamental change to how we approach security. It’s a solution that collects suspicious events from all your devices, and correlates the data to identify any compromised systems. If any are found the administrator is alerted and the system temporarily locked down – removing access to sensitive network and cloud data – while the detected threat is removed. What’s more, this is all done automatically.
This is a shift in focus from traditional antivirus to incorporate prevention, detection and remediation across your entire system — all managed over the web via Sophos Cloud. What it gives you is the confidence that fewer infections will be experienced, along with a lower risk of data breaches and other security incidents.
Available today:
Two next-generation features are already available:
1] Malicious Traffic Detection – which catches compromised computers in the act of communicating with attackers’ command and control servers. By integrating this feature into the endpoint, we can detect a compromise on or off the network, identify the specific malicious file, and clean up the infection. This means better detection rates and less time manually cleaning infected systems.
2] Sophos System Protector – the ‘brain’ of our updated endpoint agent. What it does is correlate information from the Malicious Traffic Detector and other components to identify threats that might not be deemed ‘bad’ by any one component on its own. The result is better protection against advanced threats and fewer false positives.
Coming soon:
Encryption will also come to Sophos Cloud in 2015, and with it the ability to use
encryption in conjunction with our endpoint and mobile products for preventing, detecting and remediating threats. Within the endpoint agent, we’ll also be adding additional
“
“With Sophos, our platform is now ideal for PSN compliance,
“
even when it evolves over time. We have no regrets.”
Nigel Swan, IT Technical Services Manager, Rushmoor Borough Council
Sophos in action
The customer
Formed in 1974, Rushmoor Borough Council is a Local Government District and Borough in Hampshire.
The challenge of PSN compliance
The introduction of PSN in 2008 has meant higher standards and stricter security compliances for Local Authorities to adhere to. For Rushmoor Borough Council – having already chosen Sophos in 2002 – there was confidence that the capabilities were already in place to avoid the risk of suspension, meet any changes to the Government’s annual security criteria, and ensure comprehensive data protection.
The technology
Rushmoor switched its perimeter firewall solution to Sophos in 2014. This followed
intensive research that compared it with Palo Alto and WatchGuard, using Gartner’s Magic Quadrant together with onsite testing and analysis.
Having already chosen Sophos for desktop firewall security, Sophos PureMessage for email protection, Sophos SafeGuard Encryption to protect data moving from A to B to C, and Sophos Mobile Control to protect devices working remotely, Rushmoor was in a good position to further integrate security solutions. The Council’s IT Technical Services Manager, Nigel Swan, has worked closely with the Sophos team ever since in order to meet the strict Government regulations.
“
“The scale of PSN compliance cannot be underestimated. It’s
“
no longer a ‘should’ it’s a ‘must’. Decision making has been
removed from councils and we absolutely must comply.”
Nigel Swan, IT Technical Services Manager, Rushmoor Borough Council“
“We feel we have a solid foundation to move forward –
“
encompassing a refined and much-improved infrastructure.”
Nigel Swan, IT Technical Services Manager, Rushmoor Borough CouncilThe results
The main business benefit for Nigel and his team is the PSN compliance expertise at Sophos. This helps them to meet crucial regulations and avoid the risk of being disconnected by Government.
Other benefits include:
Transparency
The Sophos solutions are invisible to the Council’s 350 internal customers. Instead, with the role-based alerting system in place, IT can resolve any problem before users are even aware of it.
Data compliance
Sophos Mobile Control and Sophos Safeguard Encryption prevent against data loss and provide reassurance to those working in the field or from home.
Value for money
Rushmoor now has more security equipment than before but has been able to keep costs relatively low compared with other vendors such as Palo Alto or WatchGuard.
10-15% time savings each week
Reduced complexities, reduced administrative overheads, faster updates, automation, central management and greater product integration has all contributed to significant weekly time savings.
