Security Trends Reports

The latest info on security trends and threats

Analyst Reviews Sophos Complete Security

A new report from 451 Research explains why small and mid-sized businesses should strongly consider us.

When Malware Goes Mobile

This paper includes step-by-step, platform-specific policies and strategies you can employ to protect your data and keep mobile devices safe from the malware writers determined to break into them.

Mobile Security Toolkit

You’re under pressure to adapt to the way people work and the devices they want to use. We can help you keep your mobile devices under control, and your employees happy and productive.

5 Password Tips for Secure Mobile Devices 

No matter which device you use, follow these tips to keep your data safe. That way you’ll always be secure, even if your device is lost or stolen.

Mobile Device Security: What Senior Managers Should Know

New devices bring increased cost of administration, risk of data loss and reputation damage if they aren’t managed correctly. This article provides clear, practical guidance on how you can make sure mobile devices are a benefit rather than a risk for your organization.

Top Eight Security Tips for Windows 8

Although Windows 8 offers enhanced security features, it also raises new security concerns because of changes to the graphical user interface and a new online app store. These eight security tips can help you stay secure as you move to Windows 8.

Protecting Data Everywhere With SafeGuard Enterprise

This paper explores the main developments in data protection and how your SafeGuard Enterprise solution can help you protect data everywhere.

Hot Tips for Securing Your Wireless Network

Whether you're a home user, small business or enterprise, read our top 11 tips to make sure you secure your wireless network. And watch our warbiking video to see what we discovered about unsecured wireless networks and Wi-Fi hotspots around London.

Threatsaurus: The A-Z of Computer and Data Security Threats

Whether you're an IT professional, use a computer at work, or just browse the Internet, our Threatsaurus is for you.

Exposing the Money Behind the Malware

Today’s cybercriminals are driven by one thing—money. Read this report to understand how today's cybercriminals make their payday.

BYOD Risks and Rewards

Employee-owned devices in the workplace are becoming the rule rather than the exception. Find out how to keep employee smartphones, laptops and tablets secure.

Protecting the Network's Expanding Perimeter

This whitepaper explains how integrated UTM solutions protect your network, your data and your endpoints, no matter where or how your users connect.

Infographic: Evolution of Network Security

See how threats and security technologies have evolved over time, from the first firewall to modern UTM.

8 Trends That Are Changing Network Security

Stay up to date with the latest technology trends affecting your network security.

Network Security Survey

Find out what other IT security professionals say about their needs and concerns about their network security and their users.

Top 5 Myths of Safe Web Browsing 

You think you're web users are secure. But you might not know that common myths about safe browsing could put you at risk. We explain the top five myths and give you the facts.

IT Security DOs and DON'Ts 

We make training your employees on IT security easy. Get all the free tools you need to educate your employees and keep them safe. No catches and no forms to fill out.

Fixing Your Dropbox Problem: How the Right Data Protection Strategy Can Help

This whitepaper explains the risks of consumer file-sharing services and the public cloud. And it gives you easy steps to take to protect your data and fix your Dropbox problem.

Buyers Guide to Web Protection

This buyers guide can help you in your search for the best web protection. It gives you detailed checklists to help you identify and evaluate the security capabilities you need.

The 4 Rules of Complete Web Protection

We explain today's major web threats and give you our four rules of complete web protection. And we show you what tools you need to get the job done simply.

IT Security Year in Review: 2011

Top trends of 2011 and predictions for key developments in 2012.

Endpoint Buyers Guide

This buyers guide provides independent research and test results to help you determine your endpoint protection requirements and identify the security vendor that best meets your needs.

3 Simple Steps to Better Patch Security 

In this whitepaper we explain how three best practices for patch assessment can improve your security and compliance.

8 Threats Your Antivirus Won't Stop: Why you need endpoint security

Our report outlines eight common threats that traditional antivirus alone won't stop, and explains how to protect your organization using endpoint security.

Data Protection and How to Do It

Get five great resources to help you execute a data protection strategy.

Consumerization of IT: Featuring expert anlysis from Gartner

You don't have to do it alone—see what company leaders and security experts are saying.

Security Threat Report Mid-Year 2011

You can't ignore your "safe" devices—including mobile devices—any longer. Recognize and stop the threats before they do harm.

7 Tips for Securing Mobile Workers  

Discover ways your organization can improve mobile security and keep business data safe.  

Virtualization As a Disaster Recovery Strategy

Learn how to accelerate disaster recovery using virtual servers to host the applications you need to rapidly recover operations and restore business continuity.

How to Protect Your Network From Cyber Attacks

There are three measures network administrators can take to avoid network attacks and to protect your data: network based mitigation, host based mitigation and proactive measures.

Protecting Virtual Servers From Modern Attacks

More and more companies are virtualizing their production servers. Learn more about affordable, easy to use and complete security solutions that SMBs can run within a virtual environment.

Basic Security Measures We Sometimes Forget: Lock Your Computer

Network security starts with you. Locking your computer when you leave your work station prevents anyone else from accessing the information on it. Following basic security measures is a simple step toward protecting yourself and protecting your company's network.

Aligning Compliance and Security

Start with the fundamental idea that information security “secures” information. Determine what information must be protected. Then ask yourself the three questions in this article to help you connect the dots to reduce your exposure and simplify future security and compliance tasks.

What Is a Botnet?

Botnet is the term used for a group of malicious software that runs autonomously and automatically. Avoid botnet infestation by avoiding accidentally downloading malicious content and protecting your network with strong network security tools.

Botnet Mitigation

Botnets can either be benign or catastrophic. Follow these simple tips to reduce the attacker pool and the likelihood that your machines and your business will be attacked.

Why You Should Treat Social Media Like Email

The best way to stay safe on social media sites is to treat them like they are your email accounts. Use common sense when opening emails and content filtering to block sites with known malicious content.

Challenges of PCI and Remote Offices

The nature of PCI regulations means it will affect organizations with multiple locations, typically banks, stores, and restaurants, are those most likely to touch credit card data. By managing security through a centralized point using a single security device, all sites can become PCI-compliant.

How to Use Social Networks at Schools

Facebook, Twitter, and other online social networks play a major part in the lives of today’s youth. Content filtering technology prevents access to social networking sites when it isn’t appropriate, while continuing to protect students, teachers and the network from malicious Internet content.

6 Tips on How to Make Your Wireless Networks Unbreakable

Wireless networks are present in most homes and businesses, but the convenience they offer can open unsecured paths onto your network. Here are six quick tips to help strengthen your wireless network’s protection.

Hacktivism: How to Stay One Step Ahead

While hacktivists consider themselves social advocates for change, the act of hacking a user’s account or site is a criminal offense. Sophos recommends three steps to help mitigate exposure of your accounts and systems to online offenders.

Evolution of Online Attacks Mirrors the History of Advertising

Taking a page from advertisers’ playbooks, cybercriminals and hacktivists are writing malicious code designed for a specific targeted attack. Increased awareness coupled with taking control of your security policy enforcement reduces the risk of your business being targeted and your data hacked.

Are Wireless Access Points Part of Your Network?

Access Points (APs) extend the network to accommodate growing numbers of users, devices and visitors. In most cases, however, APs are evaluated and installed without considering or leveraging existing security devices. Learn how to plan, design and execute a sensible and enforceable Wi-Fi policy.

Macs Can Be Infected Too

Once a differentiator for Apple, the recent infection of more than 600,000 Macs by Flashware (malware), demonstrates that even Apple is not immune from attack by cybercriminals. Learn how, when it comes to Macs or PCs, malware writers are an equal opportunity group.

Securing Your Distributed Workforce

According to a recent study, allowing employees to telecommute or work out of remote offices closer to their homes can improve productivity by up to 20%. Connection is only the first step—then you need security. Learn how new technologies are making this possible.

I Don't Need to Filter Web Traffic, I Trust My Employees

Web content filtering does not need to be overly restrictive to be effective. Foster trust with your employees through a strong web content filtering solution based on your organization’s acceptable use policy and common sense.

Tips for Providing Secure Access to Web Application Servers

You can protect your web servers using techniques such as installing web application servers in a protected DMZ or monitoring logs for signs of anomalies, but a layered defense through a web application firewall (WAF) protects against web server, cross scripting and SQL injection attacks.

Telemedicine and Improving Patient Care

For rural areas of the country that find it to difficult to attract doctors, telemedicine is a solution that makes it possible to set up a remote healthcare facility and monitor patients from afar, promotes the proliferation of electronic health records and makes telehealth a reality.

Getting the Most From Your Vendor Relationship

You may think that deciding which products to offer is the most important part of developing your reseller business. But the most important point in the process is deciding which partner program to join.

Demystifying Cloud Computing

There's a lot of hype and confusion about cloud computing. We explain what cloud computing is, and what it isn't

The State of Data Security: Defend against new risks and stay safe

Learn how and why data security breaches occur and what you can do to stop them.

Virtualization Security Strategies for Today's Businesses

IT Security Trends newsletter, featuring complimentary Gartner Research, explores how to secure protection and performance for your virtual environment.

Malicious JavaScript Attacks: What can you do?

Find out what to watch for and learn about the security strategies that will help keep you safe.

Virtualization, Secured

With virtualization, you save money. You'll reduce the hardware you have to buy and manage, you'll save on power to run the hardware, and you'll save time trying to keep all your computers in line with corporate standards.

Security Threat Report: 2011

We will remember 2010 as a year in which our interaction with technology, and with each other, evolved due to the widespread adoption of social media and the use of innovative mobile devices.

Why Hackers Have Turned to Malicious JavaScript Attacks

Find out how criminals use malicious JavaScript for profit and how it impacts your business.

Protecting PII: It's easier than you think

Identity theft happens, but it doesn't have to happen to you. Learning about personally identifiable information (PII) is the first step to keeping it safe.

Sophos Positioned in Leaders Quadrant for Mobile Data Protection

Mobile data protection (MDP) systems and procedures are needed to protect data privacy and to comply with audit requirements. Because of this, every company must include MDP in its IT operations plan. Gartner's 2010 Quadrant for Mobile Data Protection, assesses security vendors' completeness of vision and ability to execute in the competitive mobile data protection market.

PCI Toolkit

This online toolkit includes the resources you need to keep your data safe, be compliant and secure your network.

Massachusetts Data Security Compliance: Is your business ready for regulation 201 CMR 17.00?

Massachusetts requires companies to implement a data security plan that includes encryption. Learn how to ensure your organization complies with the 201 CMR 17.00 regulation.

Security Threat Report: Mid-Year 2010

Threats pop up every day. And cybercriminal activity is skyrocketing. Learn the latest attacks and how to keep threats at bay.

The Windows Shortcut Exploit: What you need to know

Find out more about the CPLINK Windows shortcut exploit—what it is, what's at risk, and how you can protect against it.

Protecting K-12 Students' Personally Identifiable Information

Virtually every school acquires, uses and stores personally identifiable information about its students. Our report examines the challenges schools face and provides ways to protect the safety of this sensitive data.

Social Media in the Enterprise: Great opportunities, great security risks

This report examines the business effects of social media, explores its evolution and presents ways businesses can realize its full benefits while avoiding potentially serious pitfalls.

K-12 Security Toolkit

This online toolkit includes the resources you need to keep students and staff safe online and to secure your network.

10 Myths of Safe Web Browsing

Are you suffering from misconceptions about safe web browsing? You might think you're being safe, but with a newly infected webpage discovered every few seconds, it's next to impossible to stay up to date on infected sites.

Keep Your Virtual Data Center Safe

Our practical guide shares 10 best practices to protect virtual servers running in the data center.

Stopping Fake Antivirus: How to keep scareware off your network

This paper provides insight into where fake antivirus comes from and how it is distributed, what happens when a system is infected with fake antivirus, and how to stop this persistent threat from infecting your network and your users.

Top 5 Threat Protection Best Practices

Today's corporate networks face a barrage of threats, ranging from malware to accidental data loss. Your users' endpoints receive the brunt of these attacks, and if they are not properly protected they can serve as a threat portal to the entire network. The following top five best practices offer advice to help you protect your endpoints and your network against an ever-growing body of threats.

Sophos Endpoint Threat Protection Implementation Guide

Get advice on how to best configure Sophos Endpoint Security and Control for your organization.

Controlling the Wild Web: Stop users from using anonymizing proxies to bypass your defenses

This whitepaper discusses the risks of users bypassing web filters and the technologies that organizations can use to combat them.

Web Security Buyers Guide

Learn how to implement a comprehensive web security and control solution.

Five Tips to Reduce Risk from Modern Web Threats

User education and awareness, preventive measures and a modern web security solution are all integral components of a comprehensive defense against today's web threats. This guide covers some essential preventive measures you should implement to reduce your risk and keep ahead of the threats as much as possible.

IT Security Requirements for Healthcare Professionals

IT security trends newsletter featuring a complimentary Gartner Research note explores how to comply with healthcare regulations while driving business forward.

How to Implement a Data Loss Prevention Strategy

Learn how to develop and implement a practical data loss prevention (DLP) strategy, and how data loss can be comprehensively tackled using Sophos solutions.

Enhance Windows 7 Security

Discover essential new security features, ways you can build upon Windows 7 security, and how to prepare for a secure migration.

Independent Review Ranks Sophos Ahead of McAfee, Symantec and Trend

Sophos endpoint security software trumps the competition in a recent independent product review by Cascadia Labs, scoring four out of five, and outperforming Symantec, McAfee, and Trend Micro.

Protecting Personally Identifiable Information

This whitepaper examines the challenges organizations face and the steps they can take to protect themselves and their customers against data breaches and ensure the safety of this sensitive information.

Game Changing Data Protection Strategies for Today's Businesses

IT security trends newsletter featuring a complimentary Gartner Research note explores how to protect data from end to end without compromising business needs or productivity.

Seven for 7: Best Practices for Implementing Windows 7

If you're planning to roll out Microsoft's Windows 7, now is the time to review your endpoint and data protection practices for all your Windows PCs. These seven steps will help you make a seamless, secure migration.

PCI Compliance and How to Take Control

Any organization or retailer that accepts payment card transactions, or collects, processes or stores credit card transaction information must comply with Payment Card Industry Data Security Standard (PCI DSS). Learn how Sophos helps you meet PCI DSS security requirements.

Security Threat Report: 2010

SophosLabs received 50,000 new malware samples every day in 2009. Malware attacks are broadening and becoming more evasive. Read the 2009 security threats trends and learn how to protect yourself in 2010.

iPhone vs. BlackBerry: A mobile device comparison

While the BlackBerry is the go-to mobile device for a security-savvy enterprise, the iPhone has its own arsenal of features to make it effectively secure. Either device can be used as a secure business tool if it is configured properly and used correctly.

Is Your Organization HIPAA Healthy?

The U.S. Department of Health and Human Services (HHS) issued new data breach notification regulations that impose stiffer penalties and are designed to strengthen HIPAA. Are you ready for them?

Operation Aurora: What you need to know

Learn more about Operation Aurora, the targeted malware attack against at least 30 major companies—including Google and Adobe—which exploited a zero-day flaw in Internet Explorer.

Facebook and the Privacy Challenge

Facebook has over 350 million active users and a reported 700,000 new people joining the social networking website every day. But how carefully do Facebook users consider their online privacy?

The State of Privacy and Data Security Compliance

With new privacy and data security regulations increasing, organizations are asking questions. Do the new regulations help or hinder the ability to protect sensitive and confidential information? With these new regulations on the march, how can you remain competitive in the global marketplace? The State of Privacy and Data Security Compliance study—conducted by Ponemon Institute and sponsored by Sophos—provides answers and examines how compliance efforts can impact a company's bottom line.

Not All Malware Detection Is Created Equal

The internet is now the number-one conduit for infecting users with malware. Sophos detects a new infected web page every few seconds. This whitepaper outlines the terms you need to know and the steps you should take to stay safe.

How to Protect Your Critical Information Easily

With employees having greater mobility than ever before to work outside the office, the job of protecting data has never been more difficult. This whitepaper addresses the areas an effective data protection strategy should address.

Solving Four Primary Security Challenges of Microsoft SharePoint

SharePoint is susceptible to a variety of existing and emerging threats. This report examines the benefits and risks and recommends best practices for protecting an organization's digital assets.

High-Performance Protection at the Network Edge—What, Why and How

Combining simplified malware detection with URI filtering can offer excellent proactive protection without overburdening the hardware or the administrator. Learn more about the complex threats facing network-edge hardware and best practices to combat them.

Windows 7 Security: A great leap forward or business as usual?

Debates and discussions have been raging about the security improvements in Windows 7. This whitepaper examines the most significant changes and additions, and looks at what they might mean to users and administrators.

Sophos Positioned in Leaders Quadrant for Mobile Data Protection

Mobile data protection systems and procedures are needed to protect data privacy and to adhere to compliance and audit requirements. Because of this, it's imperative that every company includes mobile device protection in its IT operations plan. Gartner's Magic Quadrant for Mobile Data Protection, 2009 assesses security vendors' ability to execute and their completeness of vision and recognizes leaders in the competitive mobile data protection market.

Sophos Security Threat Report: July 2009 update

2009 has proven malware attacks are continuing to broaden. While the number of web-based attacks outweighs the attacks through email, cybercriminals are turning their attention to Web 2.0 and social networking platforms and alternative programs and tools. This report examines the malware trends that emerged during the first half of 2009, and explains how businesses can defend against them.

Best Practices Top 10: Keep your e-marketing safe from threats

Months of work on a marketing campaign can go down the drain in a matter of minutes thanks to an unforeseen vulnerability on your campaign's microsite. Don't let your company's brand (or your own) get tarnished by a preventable hack. Here are 10 quick tips to make sure your e-marketing is safe from outside—and inside!—threats.

Sophos Security Threat Report: January 2009

The Sophos security report 2009 examines the threat landscape over the last twelve months, and predicts emerging cybercrime trends for 2009.

Trends in Malware Threats: Sophos Security Threat Report 2008

Cybercrime is evolving as organized gangs develop new tactics in their attempts to steal information and resources for financial gain. We review the year so far and make predictions about how virus, spyware, spam and other security threats will develop in 2008.

Sophos Positioned in the Leaders Quadrant for 2007 Endpoint Protection Platforms Magic Quadrant

Gartner's new Magic Quadrant for Endpoint Protection Platforms places Sophos in the leaders' quadrant. Sophos is the first vendor to break into the leaders quadrant since Gartner's initial Magic Quadrant for Enterprise Antivirus in 2002.

Sophos Beats IronPort and Clearswift in Email Appliance Review

Sophos scored higher than IronPort and Clearswift on ease of installation and ease of use, and blocked more spam than either challenger, making Sophos Email Appliances the clear winner in this head-to-head review.

Network Access Control: How compliant are your endpoint computers?

Different network scenarios need different approaches, but the three golden rules of NAC still apply: assess, remediate, enforce. Find out what NAC strategies you should put in place to protect against the risks posed by non-compliant, unmanaged and guest computers.

Data Leakage Prevention

Email is a vital communication tool, but is also poses a major risk to your confidential business data - and damages can quickly reach into the millions of dollars. Find out more about Data Leakage Prevention.

Which Antivirus for Your Small Business?

Sophos Computer Security SBE was rated the best computer security product for small businesses by independent reviewer, Cascadia Labs, beating similar products from Symantec and McAfee.

Trends in Malware Threats

As web threats continue to pose the greatest danger through 2007, our threat report update reviews the year so far and forecasts the trends in malware and security issues for the months to come.

Facebook—Sophos investigates the privacy and productivity challenges

We discovered that 41% of Facebook users were prepared to divulge personal information to a stranger. ID fraudsters can use this information from social networking sites like Facebook to commit crimes against individuals and their companies.

Why Aren't You Switching to Sophos? Find out why it's easier than you think

If you think switching to Sophos could be difficult, take a minute to find out the truth about taking that leap! Find out why the five most common myths about changing anti-virus protection are easily debunked.

Zero-Day Threats: Guarding against the unknown enemy

Your system is constantly vulnerable to attacks from new and unknown threats. Guarding your network against spyware and other malicious software is an ongoing challenge. Find out how the right HIPS protection can stop new malware variants before they operate.

Managed Appliances: Expect more from your security appliances

Save time and effort, secure your system and control your email and web gateways easily with a managed appliance. Remotely monitored and actively supported by the vendor, find out how you can lower your administrative overhead with a complete managed solution.

Phishing, Vishing, Phaxing and Other Identity Threats

Fraudsters don't just want bank details: stolen information can seriously undermine an organization's online reputation. With an increasing risk from bogus phone and fax numbers, spoof websites aren't the only problem. Are you armed against the latest dangers in online fraud?

Spyware-Free Networks

Spyware is designed to steal trade secrets and confidential data. Simply visiting a website can trigger hidden application downloads. With theft of vital data a growing threat to business, Sophos recommends three points of security to make networks spyware-free.

Securing Your Mobile Workforce

With increased uptake of mobile devices, the risks to business reputation, communication and continuity are becoming more serious. Find out how mobile devices get infected, and learn about threat management with Sophos Endpoint Security and Data Protection for mobile devices.

Network Access Control

By implementing Network Access Control protection you reduce the risk of rogue, guest, non-compliant, or infected systems compromising your network security. Find out how you can control who and what is allowed onto your network using Sophos software.

Securing Your Company Boundaries

Failure to protect enforce messaging and browsing policies and meet regulatory compliance can put your network at risk—exposing you to loss of confidential data, reduced productivity and legal liability. Find out how to safeguard against the changing nature of email and web-based threats.

Windows Vista, Is It Really Secure?

Do Windows Vista's new security features measure up to Microsoft's aspirations to remove the vulnerabilities of earlier operating systems? Find out whether security vendors' criticisms are well founded, and read our opinion about Windows Vista.

Spam: Marketing, identity theft and malware

Vast amounts of spam try to penetrate the enterprise gateway every day, many designed to steal passwords and confidential information. We explain the growing challenge as cybercriminals tweak their campaigns to evade spam filters.

download Download our free Virus Removal Tool
Find what your antivirus missed