Sophos technology helps Enfield Borough Council become CoCo compliant

December 03, 2009 Sophos Press Release

IT security and control firm Sophos today announced that the London Borough of Enfield Council has deployed Sophos SafeGuard encryption technology across 3,000 laptops to ensure that data is kept secure and compliant with the Government Connect Secure Extranet's (GCSX's) Code of Connection (CoCo) regulations.

Introduced in April 2008, the CoCo is a series of IT security standards that set the future of communications between local and central Government by way of the GCSX network. The standards require all local authorities to implement strict security processes and IT controls, as well as provide secure access to data through multi-factor authentication.

Enfield Borough Council is deploying Sophos's encryption solution on to all its laptop computers across its entire estate. The installation is part of a borough-wide 'corporate desktop transformation' project due for completion by March 2010.

"With the introduction of the CoCo regulations, we needed a robust and reliable solution that would help us meet strict security control criteria," said Alan Andrews, technical architecture and delivery manager at the London Borough of Enfield Council. "Sophos's encryption technology has helped us achieve this."

Sophos SafeGuard meets the complex needs of large organisations that require highly-scalable, maintainable, data security solutions. Designed to integrate quickly and effectively with existing security infrastructures, the software is easy to administer from a single central console. The solution is also capable of automating administrative tasks, saving IT teams a significant amount of time on configuration.

Offering comprehensive data protection on all kinds of devices from laptops, desktops and email to removable media such as portable USB drives, Sophos's solution provides Enfield Council with encryption and data loss prevention (DLP) technology under one management control. With report, audit and logging capabilities, Sophos SafeGuard also enables the Council to monitor regulatory compliance requirements ensuring that user communication adheres to Government and industry regulations at all times.

"Complying with the CoCo was a major driving force behind the Sophos deployment - but we also had to consider the technical implications of the Council's new flexible working scheme in conjunction with the desktop transformation project," continued Andrews. "On an IT level this approach means an increased number of staff using laptops for remote working - the risk of data loss is vast. We've all heard the horror stories in the press, so it was obvious to us that deploying an encryption solution was the best way to ensure our data's security."

As part of the IT overhaul, Enfield Council also selected Sophos Endpoint Security and Control to ensure that its corporate network of 4,500 machines - and the sensitive data stored on it - is protected against malware, viruses and hackers. With integrated anti-virus, anti-spyware, host intrusion prevention, application control, firewall and Network Access Control (NAC) to block viruses and spyware, Sophos's 'out-of-the-box' security solution ensures that the Council's computers are running authorised up-to-date software - another CoCo criterion - and adhere to specific user policies set by the organisation.

"Sophos's comprehensive preventative endpoint protection, combined with its encryption solution means that our corporate network is protected from all sides," added Andrews. "Data protection was paramount in this decision process - and we now have two solutions that complement each other perfectly, ensuring we fulfil our responsibilities to the public and that our network is future-proofed."

"Local authorities are facing a huge cost burden with the introduction of the Government's GCSX CoCo standards, so choosing a solution that not only assists the IT team to meet security compliance regulations, but which is also compatible with their IT infrastructure, is an enormous task," said Ciaran Rafferty, vice president of Sophos UK&I. "A reputable, accessible security solution that helps IT teams to comply with government standards, as well as adding value to the organisation as a whole, is the key to safeguarding sensitive data and avoiding embarrassing data loss incidents."