With online retailing taking over traditional shopping, retailers today have become prime targets for cyberattacks. In this environment, credit card issuers mandate compliance with the Payment Card Industry Data Security Standard (PCI DSS) regulations, which have become more stringent over time. Sophos solutions provide comprehensive data protection to help you in your efforts to stay PCI DSS compliant. Our multi-layered security includes next-gen firewalls plus protection and encryption of data on PCs, servers, mobile devices, portable media, and email.

Next-gen security to protect cardholder data when stored and transmitted.

Synchronized Security

Sophos synchronized security links your endpoint and network security products so they work together as a system to protect your users and cardholder data across all points of the network. The firewall automatically isolates compromised endpoints while endpoint protection terminates and removes malicious software.

Firewall Configuration to Protect Cardholder Data

Sophos firewalls allow for granular, rule-based control of incoming and outgoing network traffic to specific ports and services. Capabilities like Network Address Translation (NAT), detection and blocking of spoofed IP addresses, and stateful traffic inspection help you protect cardholder data.

Protection of Stored and Transmitted Cardholder Data

SafeGuard Encryption offers persistent encryption as soon as the content is created. This encryption stays on when shared across platforms and devices or uploaded to the cloud. SafeGuard ensures seamless management of keys and recovery functions on BitLocker (for Windows systems) and FileVault 2 (for Macs) to protect data on lost or stolen devices. Sophos’ SPX encryption encrypts email content in transit, which the intended recipient can easily decrypt without additional software. Data on mobile devices is secured within a secure container with the Sophos Secure Workspace app.

Protect cardholder data wherever it is accessed.

  • Integration of Sophos UTM and firewall with Active Directory and other authentication servers to enforce authentication services like one-time passwords (OTPs) to web admin, User Portal, etc.

  • Integration of Sophos Endpoint and Server Protection with Active Directory, enabling you to enforce specific end user policies, such as for DLP, device control, and more

  • Sophos Mobile, enabling you to enforce encryption and password policies

  • Device encryption features for iOS, Android, and Windows phones are supported as in Samsung Knox

  • Sophos UTM and firewall allow granular, policy-based control over users, apps, web, and content to limit access to cardholder data based on business need-to-know

  • Integration with Endpoint Protection enforces security even off-network

  • Guest portal with full logging of all authentication and connection activity with Sophos Secure Wi-Fi

  • Role-based management to separate authorization levels and detailed logging of all access attempts with SafeGuard Encryption

  • User-activity snapshot and real-time alerting with Sophos UTM and firewalls

  • Control over remote access authentication and user monitoring, while logging all access attempts

  • With Sophos Wireless Access Points, manage all authentication and access monitoring from clients for access to the payment card environment, while logging all access attempts

  • With Sophos Mobile, get detailed log events of all malicious activities on mobile devices to help identify suspicious activity trying to access cardholder data

  • Mobile Security Privacy and Security Advisor tools in Sophos Mobile alert users to apps that try to access the internet and various data sources

  • Detailed logging of all access attempts with SafeGuard Encryption

Integrated protection against advanced threats.

Continuous Malware Protection

Sophos Endpoint Protection provides behavior- and analytics-based malware protection with real-time lookups. Server Protection protects servers from malware without impacting performance. Sophos Mobile for Android protects users from malicious apps or potentially unwanted apps (PUAs). Secure Web and Email Gateways block malware delivered through websites and phishing emails, respectively, with up-to-date intelligence from SophosLabs.

Next-Gen Advanced Threat Defense

Our powerful, cloud-based, and next-generation Sophos Sandstorm technology keeps you protected against APTs, zero-day, and unknown threats quickly and accurately. Detect, block, and respond to evasive threats that other solutions miss with Sophos Sandstorm. Fully integrated into your Sophos security solution, Sophos Sandstorm keeps unknown data-stealing malware off your network.

SophosLabs Threat Intelligence

SophosLabs, our global network of highly skilled and thoroughly trained security and risk analysts, works around the clock with advanced automation to identify and stay ahead of the latest threats. SophosLabs provides continual intelligence updates on the latest malware hosting, phishing, and distribution sites as well as anonymizing proxies and other risky sites. Sophos provides updates in real time via our Live Protection network.

What are you waiting for?

Let our experts at Sophos help to build the right solution for your needs.

This is not an exhaustive review of all elements of the Regulation, nor is it legal advice. Please consult your own legal experts if required.