We ve got the UK covered

11  Download (0)

Full text


We’ve got

the UK covered

Be Better Together

IT security for Local Government and

the Emergency Services

Do more with less

To find out more visit:


Putting a price on

peace of mind

IT security has arguably become a story focused on cost

versus quality.

A focus on cost

Cost in the public sector is obviously impacted by directives to reduce spending, and despite a strong economic recovery since mid-2013 Britain has still to reach the

halfway point of the planned austerity push. According to the Institute of Fiscal Studies, unprotected departmental spending areas have on average suffered cuts of nearly 20%. Budgets today simply need to go further, and with IT being one of the areas of greatest expense it is also a tempting target for stripping out cost.

Every new deal or renewal is therefore under the microscope, as organisations unsurprisingly look for the cheapest options available that still offer the same quality of service. Then there are the management activities that also come with an associated cost in the form of the resources and time needed to complete them. These can range from the hours spent meeting with suppliers to those involved in updating systems and conducting user training.

Meeting aggressive targets – the ‘thrust to cut’ – means taking a comprehensive and integrated view of both upfront costs and the total cost of ownership.

A focus on quality

Quality remains a far more static concept, as no organisation can afford to expose its IT infrastructure to the threat of attack or an embarrassing data breach. Equally, this need to avoid the loss of sensitive information is matched by the requirement to expand security outside traditional boundaries to embrace shared and remote working. Front line services have increasingly become defined by the diverse set of workstations and mobile device platforms used to deliver them – the ‘endpoints’ that routinely access data stored in the network, in the cloud, and on the devices themselves. Yet at the same time these assets are being exposed to an interconnected environment outside the limits of traditional IT security.

So what options exist for IT and procurement teams? Can tough government cost cutting targets be achieved without leaving systems and devices open to attack?


In search of the


“With job cuts, how can

I become even more


“How can I make

consolidation work?”

“How can I justify any

decision to change our IT

security supplier?”

“How can I make the most

of the Public Services


“Can I afford to embrace


“Can we procure

technologies that

actually reduce training


“How can I afford to

deliver effective end user


“Is there a way to join with

other authorities to extend

the budget?”

“Is there a way to cut the

overhead of having to

manage so many different


“With so many suppliers,

are we buying capabilities

that already exist?”


questions for





questions for



We’ve got you


For the UK Public Sector, Sophos is dedicated to one

core mission: delivering the most cost effective way

for you to secure and control your IT infrastructure

and data.

As a UK-founded supplier of IT security, we have an unrivalled understanding of the threat landscape facing Local Government, Police, Fire and Rescue Services. This knowledge is incorporated into the complete range of network, antivirus, email, server, web and mobile security products we offer – technologies that are as simple to deploy, as they are to work with.

Based on these solutions, we can offer you three commitments that relate to cost, quality and credentials:

We’ll help you meet your cost cutting

targets – without compromising quality

When it comes to reducing the cost and complexity of your IT security, consolidation is a good place to start. This is the move from multiple vendors and products to one single solution, which as we’ve found with other customers in the UK Public Sector can typically lead to cost savings of 35-40%. Savings are achieved by reducing the costs of licensing, managing and supporting the security solution, thereby significantly lowering the total cost of ownership.

From a quality perspective, this approach also enables you to replace multiple point solutions that have grown together over time in response to evolving threats and legislation. Such organic growth has been necessary to defend against a growing cyber threat, but it can also create a wide array of technologies that are far from complementary – and at times offer comparative functionality.

With consolidation, this assortment of licenses and products is instead replaced by a single source for updates, upgrades and support. This is particularly important as new requirements are added to the mix of necessary security expenditures, including data loss prevention, policy-based encryption and web threat protection. What’s more, the integrated threat management solutions from Sophos are tightly engineered to work together, backed up by our capabilities for constantly monitoring new threats, and world class 24/7 support.


We’ll help reduce your administrative

burden, to save money and allow you to

work even smarter

While reducing cost is one of the main drivers behind consolidation, simplified security management is another key consideration. Indeed, easier management leads directly to the ‘soft’ savings associated with greater efficiency: a significant reduction in the hours needed to administer the system, and more productive users.

Easier management is at the heart of the Sophos approach to security. We can help you move from a multi-vendor infrastructure to a consolidated solution, which means your IT team only has the one set of tools to become proficient with. This unified set of products is also backed up by a single support organisation – so no more time spent navigating multiple software licenses and service contracts when you need assistance.

In addition, with Sophos you’ll have better visibility of network activity, more centralised reporting, and automated capabilities for preventing, detecting and remediating threats across your entire system – so you really can focus on other activities. The result: fewer employee hours required to manage fewer tasks, simple and fast training for new staff, and one familiar and inclusive interface.

With our experience it doesn’t take us long

to move from talking to delivering

When it comes to understanding the raft of legislative and regulatory standards you have to operate within, and the budgetary and performance constraints that exist, experience really does count. That’s why at Sophos

we’re proud to state that our customer list for the Public Sector includes 55% of Local Government, 60% of Police Forces in England and Wales, and 35% of Fire and Rescue Services.

We’re also a UK-based company, and maintain open dialogue with our customers to identify where and how we can enhance our offering to meet the real security needs of Local Government. This knowledge also influences our approach to deployment. With deep, hard won experience of challenge and opportunity, Sophos knows exactly how to get your network security up and running fast and effectively.



Protecting end user devices and data

At Sophos our approach to building security for the Public Sector is anchored by three core beliefs:

1] Security must be comprehensive – and the solution must include all the capabilities required to satisfy your specific needs.

2] Security can be made simple – with simplicity intrinsic to the solution, including deployment, management, licensing, support, and the overall user experience.

3] Security is more effective as a system – because new possibilities emerge when technology components communicate and cooperate, instead of each functioning in isolation.

Next-Generation Enduser Protection is Sophos’ vision of applying these principles to deliver better security for end user devices and data through the integration of endpoint, mobile, and encryption technologies.


Unified threat management from Sophos

To consolidate your IT security with Sophos is to gain access to the latest firewall protection plus features you can’t get anywhere else – including mobile, web, data loss prevention and Next-Generation Enduser Protection. No extra hardware. No extra cost. Simply choose what you want to deploy.

Network Protection:

No compromise performance and security

All the protection you need to stop sophisticated attacks and advanced threats while providing secure network access to those you trust.

Features include:

• Network Firewall

• Intrusion Prevention System • Advanced Threat Protection • Secure VPN Access

• Site-to-Site VPN

Endpoint Protection:

Centrally managed endpoint antivirus

Extend protection to your Windows desktops and laptops with antivirus, device, and web control all on one license.

Features include:

• Single Console Management • Easy Deployment

• Antivirus and Malware Protection • Device Control

• Web in Endpoint

Web Protection:

Ensure safe and productive web use

Comprehensive protection from the latest web threats and powerful policy tools to ensure your users are secure and productive online.

Features include:

• Web Malware Protection • URL Filtering Policies

• SafeSearch, YouTube, and Google Apps • HTTPS Scanning

• Layer-7 Application Control

Email Protection:

Secure against spam, phishing and data loss

Full SMTP and POP message protection from spam, phishing and data loss with our unique all-in-one protection.

Features include:

• SPX Email Encryption

• Standards-Based Encryption • Data Loss Prevention

• Live Anti-Spam


Mobile Protection:

Secure devices, content and applications

Manage your mobile devices, content, applications, and email, in addition to integrated antivirus, anti-malware and web filtering.

Features include:

• Mobile Content Management • Mobile Device Management • Mobile Application Management • Mobile Email Management

• Integrated Security for Android Devices

SafeGuard Encryption:

Protect your servers and

web applications

Harden your web servers and Microsoft Enterprise Applications against hacking attempts while providing secure access to users.

Features include:

• Web Application Firewall • Server Hardening

• Reverse Proxy Authentication • Anti-virus Scanning

• SSL Offloading

Sophos Reference Architecture


Reputation Data * Active Protection SophosLabs Correlated Intelligence * Content Classification

REMOTE OFFICE 1 Endpoint Security SafeGuard Encryption Mobile Control Mobile Control Secure Wi-Fi Secure VPN RED Secure VPN Client HEADQUARTERS Endpoint Security SafeGuard Encryption Mobile Control Administration

Secure Wi-Fi NextGen Firewall

UTM NextGen Firewall Secure Web Gateway Secure Email Gateway Web Application Firewall Endpoint Security

SafeGuard Encryption


Endpoint Security

SafeGuard Encryption Mobile Control

Secure Wi-Fi

Secure Web

Gateway Secure EmailGateway


Web Application Firewall

Network Storage Antivirus Server Security

Guest Wi-Fi



Introducing: Next-Generation Enduser Protection

Next-Generation Enduser Protection represents a fundamental change to how we approach security. It’s a solution that collects suspicious events from all your devices, and correlates the data to identify any compromised systems. If any are found the administrator is alerted and the system temporarily locked down – removing access to sensitive network and cloud data – while the detected threat is removed. What’s more, this is all done automatically.

This is a shift in focus from traditional antivirus to incorporate prevention, detection and remediation across your entire system — all managed over the web via Sophos Cloud. What it gives you is the confidence that fewer infections will be experienced, along with a lower risk of data breaches and other security incidents.

Available today:

Two next-generation features are already available:

1] Malicious Traffic Detection – which catches compromised computers in the act of communicating with attackers’ command and control servers. By integrating this feature into the endpoint, we can detect a compromise on or off the network, identify the specific malicious file, and clean up the infection. This means better detection rates and less time manually cleaning infected systems.

2] Sophos System Protector – the ‘brain’ of our updated endpoint agent. What it does is correlate information from the Malicious Traffic Detector and other components to identify threats that might not be deemed ‘bad’ by any one component on its own. The result is better protection against advanced threats and fewer false positives.

Coming soon:

Encryption will also come to Sophos Cloud in 2015, and with it the ability to use

encryption in conjunction with our endpoint and mobile products for preventing, detecting and remediating threats. Within the endpoint agent, we’ll also be adding additional


“With Sophos, our platform is now ideal for PSN compliance,

even when it evolves over time. We have no regrets.”

Nigel Swan, IT Technical Services Manager, Rushmoor Borough Council

Sophos in action

The customer

Formed in 1974, Rushmoor Borough Council is a Local Government District and Borough in Hampshire.

The challenge of PSN compliance

The introduction of PSN in 2008 has meant higher standards and stricter security compliances for Local Authorities to adhere to. For Rushmoor Borough Council – having already chosen Sophos in 2002 – there was confidence that the capabilities were already in place to avoid the risk of suspension, meet any changes to the Government’s annual security criteria, and ensure comprehensive data protection.

The technology

Rushmoor switched its perimeter firewall solution to Sophos in 2014. This followed

intensive research that compared it with Palo Alto and WatchGuard, using Gartner’s Magic Quadrant together with onsite testing and analysis.

Having already chosen Sophos for desktop firewall security, Sophos PureMessage for email protection, Sophos SafeGuard Encryption to protect data moving from A to B to C, and Sophos Mobile Control to protect devices working remotely, Rushmoor was in a good position to further integrate security solutions. The Council’s IT Technical Services Manager, Nigel Swan, has worked closely with the Sophos team ever since in order to meet the strict Government regulations.

“The scale of PSN compliance cannot be underestimated. It’s

no longer a ‘should’ it’s a ‘must’. Decision making has been

removed from councils and we absolutely must comply.”

Nigel Swan, IT Technical Services Manager, Rushmoor Borough Council


“We feel we have a solid foundation to move forward –

encompassing a refined and much-improved infrastructure.”

Nigel Swan, IT Technical Services Manager, Rushmoor Borough Council

The results

The main business benefit for Nigel and his team is the PSN compliance expertise at Sophos. This helps them to meet crucial regulations and avoid the risk of being disconnected by Government.

Other benefits include:


The Sophos solutions are invisible to the Council’s 350 internal customers. Instead, with the role-based alerting system in place, IT can resolve any problem before users are even aware of it.

Data compliance

Sophos Mobile Control and Sophos Safeguard Encryption prevent against data loss and provide reassurance to those working in the field or from home.

Value for money

Rushmoor now has more security equipment than before but has been able to keep costs relatively low compared with other vendors such as Palo Alto or WatchGuard.

10-15% time savings each week

Reduced complexities, reduced administrative overheads, faster updates, automation, central management and greater product integration has all contributed to significant weekly time savings.


Be Better Together

If you’d like more information on how our solutions could

work in your environment, why not get in touch?

You can contact us on:

+44 (0)1235 465942