What is compliance?

For many, it's pressure from customers and auditors to be compliant with external regulations. For others, it's applying internal policies to make sure data is protected. Compliance is complex, frequently changing, and difficult to manage.

There are 5 key areas of focus:

• Authentication – support password and tokens
• Access control – control access to data, servers, web content and applications
• Malware protection – maintain up-to-date anti-virus, firewalls, and security patches
• Encryption – making data on laptops and devices inaccessible if stolen
• Monitor and report – constant compliance assessments and audit reporting

Sophos can help

With over 85% of computers missing critical security applications or patches – the risk of a security breach is real. Non-compliance can result in fines, criminal penalties, loss of credit card processing privileges and adverse publicity. That said, complying with all relevant regulations and guidelines can seem overwhelming, but with the right combination of policies, technologies, and strategy, you can achieve a fully secure network and enforce compliance.

• Built-in endpoint assessments in Endpoint Security and Data Protection enforce and check against specific security policies, encryption, and network access control.
• Integrated inscription and content filtering with Email Security and Data Protection prevents data leakage and ensures the confidentiality of email.
• Easy compliance enabled by Web Security and Control's acceptable use policy ensures users are not exposed to inappropriate content.
• Comprehensive security policies provided by NAC Advanced check that any computer accessing the network - even those not owned by the company - are in full compliance.