Sophos introduces a new approach to data loss prevention within Endpoint Security and Data Protection 9

Sophos Press Release

Designed to overcome the predominant objections to implementing DLP— complexity, cost and manageability


Boston - October 14, 2009 - IT security and data protection vendor Sophos today announced that it has fully integrated data loss prevention (DLP) capabilities into the new release of Sophos Endpoint Security and Data Protection, version 9, - thus enabling businesses to have visibility and control over sensitive data without requiring the deployment of any additional agents or any additional licensing costs. Within Sophos Endpoint Security and Data Protection 9, which is available immediately, Sophos is uniquely delivering to customers a range of data protection functionality-consisting of full-disk encryption (integrated in June 2009), device control, application control, and now DLP -all managed from a single, simplified dashboard.

Sophos is 'changing the game' with how DLP is managed by:

  • Eliminating the need for an additional endpoint agent given that Sophos has developed its own content-aware DLP technology that leverages the existing content scanning engine to monitor sensitive data.
  • Simplifying and automating data control policy creation and management, which eliminates the need for costly professional services engagements for implementation or additional IT resources for day-to-day management.
  • Focusing on empowering IT teams to involve their end users in managing the appropriate use of sensitive data, which ultimately improves end user productivity.

Sophos is making DLP accessible to businesses unable to expand their budgets or IT teams any further. The latest upgrade also appeals to those enterprise customers who have evaluated, but ultimately rejected standalone DLP products based on their level of complexity.

"At its core, the data loss problem is one largely of human error or irresponsibility," said Rainer Gawlick, chief marketing officer at Sophos. "Some of this is due to lack of knowledge, some is due to end user resistance to, and circumvention of, overly restrictive IT policies. Our approach to DLP acknowledges end user needs and preferences and guides them in safe data handling practices."

Additional capabilities in Sophos Endpoint Security and Data Protection 9

In addition to integrated data loss prevention, Sophos Endpoint Security and Data Protection 9 includes several new features and functionality aimed at further simplifying how customers manage their endpoints such as:

  • Reporting: Our new reporting wizard enables administrators to easily create and customize reports that can be scheduled and emailed to selected recipients. Sophos also delivers new compliance and user based reports.
  • New application control features: Sophos has added the ability to whitelist/blacklist applications that can adversely impact network and user productivity, such as VoIP, IM, P2P.
  • New device control capabilities: Customers can now block/allow removable storage including USB sticks, music players, external hard disks, CD/DVD drives and wireless connection technologies (Wi-Fi, Bluetooth and Infrared). Policies based upon groups can be created centrally and device block events are reported instantly via the Enterprise Console dashboard.
  • Simplified cross-platform security: MAC 10.6 64-bit is the latest platform that Sophos now supports.
  • Enhancements to centralized management: Sophos customers benefit from greater role-based administration capabilities including three default role levels (administrator, help desk and report only) to give those responsible for management greater control over policies and actions.

"Sophos continues to set the bar by adding new features and functionality to its endpoint security solution, giving customers the best protection without tacking on additional fees," said IT Security Manager John Raymond at SAFE Credit Union based in Northern California. "There aren't too many security vendors providing easy-to-manage malware and data protection using one agent and one management console that are able to deliver significant product updates and support without also significantly increasing your budgetary requirements. With the growing demands on businesses to comply with industry, state and government regulations, adding DLP functionality comes at a pivotal time for budget-conscious IT teams as they look better protect confidential member, employee and company information."

According to Gartner, "DLP deployments have not reached critical mass, where it would be expected that an organization should have this capability. However, content-aware DLP will become part of the standard of due care in the U.S. by year-end 2011, and by 2015 in the European Union".[1]

"Integrating DLP is a value-add for customers as many businesses are tasked to better protect company data and personally identifiable information with less budget and often less IT Staff. Sophos meets both challenges with one solution and one budget," said Sophos Channel Partner, Greg Abrams, vice president and chief technology officer at PC-PLUS Technologies. "Sophos consistently delivers easy to manage malware, security and data protection solutions for businesses and fully supports us, as a partner, to better serve our clients and for these reasons, we are migrating our customers to Sophos."

[1] Gartner Research "Critical Capabilities for Content-Aware Data Loss Prevention" by Paul E. Proctor, Eric Ouellet. 23 June 2009/ID Number: G00167644.

More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at