MODIVA » All Posts
https://modiva.org/forums/forum/cybersecurity/feed
Sun, 26 Oct 2025 23:56:04 +0000

How Critical is Compliance
https://modiva.org/forums/topic/how-critical-is-compliance/#post-8176
Sun, 08 Oct 2023 09:55:24 +0000
Patrick

This involves ensuring that an organization’s activities and practices adhere to all applicable laws and regulations. Compliance covers different areas, such as financial services, healthcare, environmental protection, and data privacy.

Compliance is vital because it ensures that organizations adhere to legal and regulatory standards, industry best practices, and internal policies. By doing so, businesses demonstrate their commitment to ethical conduct, data security, and customer trust. Compliance helps mitigate legal and financial risks, prevents breaches, and avoids penalties. It also fosters a culture of accountability and transparency, enhancing an organization’s reputation and its ability to operate in a trustworthy and sustainable manner.

By proactively identifying and addressing compliance risks, businesses avoid costly surprises down the road. Share your thoughts.

Cloud Security
https://modiva.org/forums/topic/cloud-security/#post-8174
Sun, 08 Oct 2023 09:51:24 +0000
Patrick

Cloud computing is one of the most in-demand technologies of today. Organizations of all sizes now leverage cloud computing services through various cloud deployment models, which include public cloud, private cloud, hybrid cloud, and community cloud. However, this wide range of choices expands the attack surface, emphasizing the importance of ensuring the safety and security of cloud workloads.

Cloud security experts are crucial for safeguarding an organization’s data, applications, and infrastructure in the cloud. They bring expertise, experience, and a deep understanding of the unique security challenges posed by cloud computing, helping organizations mitigate risks and maintain a strong security posture.

Attacks are getting stronger day by day, and security must keep up with them. Please share your thoughts.

How Important is Network Security?
https://modiva.org/forums/topic/how-important-is-network-security/#post-8172
Sun, 08 Oct 2023 09:40:33 +0000
Patrick

Networks play an integral role in the operation of any organization as they provide connectivity and facilitate communication. Due to their essential nature, there is a significant need to keep them secure. Network Security refers to the measures taken by any enterprise or organization to secure its computer networks and data from unauthorized access, use, disclosure, disruption, modification, or destruction using both hardware and software systems. This aims at securing the confidentiality, integrity and accessibility of the network.

Network security is important for all organizations, regardless of size or industry. It has also become the central topic of cyber security, with many organizations inviting applications from people who have skills in this area. Let’s have your say.

Sophos Firewall: Sophos Authentication for Thin Client (SATC) with Sophos Server
https://modiva.org/forums/topic/sophos-firewall-sophos-authentication-for-thin-client-satc-with-sophos-server/#post-7847
Sun, 13 Aug 2023 22:42:47 +0000
Patrick

Overview

Sophos Authentication for Thin client (SATC) with Sophos Server Protection enables Sophos Firewall to authenticate users accessing a server or remote desktop. SATC is included with Sophos Server Protection in Sophos Central. It’s part of Sophos Central Server Core Agent and is available with any Server Protection license in Sophos Central. Currently, SATC with Sophos Server Protection only supports Windows Remote Desktop Services. You must download the Windows Server installer from Sophos Central. The installers that you can download would depend on the licenses you have.

Sophos Firewall controls those authenticated users using a session-based approach via an identity-based firewall rule providing more granular access controls per user group.

What To Do

Follow the steps below to set up new SATC client integration with Sophos Server Protection:

  1. In Sophos Central, select your username on the top right side and then select Early Access Program. Find “New Server Protection Features” in the Early Access Program and select join.

  2. Once you have gone through the join process, there will be a join device option in the bottom right corner. Select this and add the terminal server. 
  3. Add the eligible devices:
  4. Once this is done, it may take some time to apply to the terminal server. When writing this article, the versions shown in the screenshot below are the latest versions supporting SATC.  
  5. You can validate this by checking that SophosNetFilter.exe is running in Task Manager > Details.
  6. Turn off tamper protection for server protection. Note the current settings before you turn off tamper protection, as you need to change these back once SATC is activated.
  7. Ensure IPS is turned on in the server’s threat protection policy. This setting is on by default. For more information, refer to the screenshot below:
    Path in Sophos Central: Server Protection > Policies > Threat Protection > Settings > Server Protection default settings > Runtime Protection.
  8. Set up SATC with Sophos Server Protection.
  9. On the server, open a command-line console or PowerShell. Run the following command to add the new SatcPendDurationMs parameter for SATC:
    reg add "HKLM\Software\Sophos\Sophos Network Threat Protection\Application" /v SatcPendDurationMs /t REG_DWORD /d 300
  10. Make sure to reboot the terminal server once the changes are applied.
  11. Lastly, check the Windows registry to confirm the changes under: HKLM\Software\Sophos\Sophos Network Threat Protection\Application

If you face any issues or need further assistance with this, kindly reach out to our Support team
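A post-reboot check for steps 5, 9 and 11 above, as an added example that is not part of the original post and is not Sophos tooling: it confirms that the SophosNetFilter process is running and that SatcPendDurationMs exists as a DWORD set to 300. The function name Test-SatcSetup and the fields of the object it returns are assumptions made for illustration.

```powershell
# Added example: verifies the SATC prerequisites described in the steps above.
# Test-SatcSetup and its output fields are hypothetical names, not Sophos tooling.
function Test-SatcSetup {
    [CmdletBinding()]
    param(
        # Registry key, value name and data are the ones given in the post.
        [string]$KeyPath   = 'HKLM:\Software\Sophos\Sophos Network Threat Protection\Application',
        [string]$ValueName = 'SatcPendDurationMs',
        [int]$Expected     = 300
    )

    # Step 5: SophosNetFilter.exe should be listed as a running process.
    $proc = Get-Process -Name 'SophosNetFilter' -ErrorAction SilentlyContinue

    # Steps 9 and 11: the value must exist, be a DWORD, and hold the expected data.
    $present = $false
    $kind    = $null
    $data    = $null
    $key = Get-Item -LiteralPath $KeyPath -ErrorAction SilentlyContinue
    if ($key -and ($key.GetValueNames() -contains $ValueName)) {
        $present = $true
        $kind    = $key.GetValueKind($ValueName)   # Microsoft.Win32.RegistryValueKind
        $data    = $key.GetValue($ValueName)
    }

    $dword = [Microsoft.Win32.RegistryValueKind]::DWord
    [pscustomobject]@{
        NetFilterRunning = [bool]$proc
        ValuePresent     = $present
        ValueKind        = $kind
        ValueData        = $data
        RegistryOk       = $present -and ($kind -eq $dword) -and ($data -eq $Expected)
    }
}

# Run on the terminal server after the reboot in step 10.
$result = Test-SatcSetup
$result | Format-List
if (-not ($result.NetFilterRunning -and $result.RegistryOk)) {
    Write-Warning 'SATC prerequisites are not fully in place; recheck steps 5, 9 and 11.'
}
```

A value that is present but reported with a ValueKind other than DWord usually means it was created with a different /t type and should be recreated with the command from step 9.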

Why companies are moving to a ‘zero trust’ model of cyber security
https://modiva.org/forums/topic/why-companies-are-moving-to-a-zero-trust-model-of-cyber-security/#post-7844
Sun, 13 Aug 2023 22:40:13 +0000
Patrick

Here are some reasons:

  • The “zero trust” model of security takes the approach that no users or devices are to be trusted.
  • The global zero trust security market is projected to reach $52 billion by 2026.
  • Driving the growth is the frequency of target-based cyber attacks and increasing regulations for data protection and information security.

The latest catchphrase in cyber security might as well be “don’t trust anyone — or anything.”

The zero trust model of security, which takes the approach that no users or devices are to be trusted without continuous verification, continues to gain momentum as organizations look to stay ahead of bad actors and avoid breaches.

Given what’s going on in Ukraine, the accompanying world tensions, and the constant concerns about Russian-sponsored hackers, the time for such an approach to cyber security seems especially fitting.

The term “zero trust” has taken on multiple meanings as vendors scramble to take advantage of the high interest level. But the definition the National Institute of Standards and Technology (NIST) puts forth is likely the most accepted: “Zero trust is the term for an evolving set of cyber security paradigms that move defenses from static, network-based perimeters to focus on users, assets, and resources. Zero trust assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location.”

With zero trust, authentication and authorization are discrete functions that cybersecurity teams perform before granting access to any digital resources. It’s become far more important in the age of remote/hybrid work, the rise in cloud services and ubiquitous mobile devices.

Growth in the market

Demand for products that support zero trust is on the rise. Research firm Markets and Markets projects that the global zero trust security market will grow from $19.6 billion in 2020 to $51.6 billion by 2026. The major factors driving the market include the growing frequency of target-based cyber attacks and increasing regulations for data protection and information security.

Attackers that have a specific target in mind go after end-point devices, networks, cloud-based applications, and other IT infrastructure components. The primary motive behind such attacks is to steal critical information, the report said. These attacks can result in business disruptions, intellectual property theft, financial loss, and loss of critical and sensitive customer information.

The U.S. federal government is making a big push toward zero trust. In January, the Office of Management and Budget released a memorandum that mandates a federal zero trust architecture (ZTA) strategy, requiring agencies to meet specific cyber security standards and objectives by the end of fiscal year 2024.

The goal of the initiative is to reinforce the government’s defenses against increasingly sophisticated and persistent threat campaigns, OMB said. “Those campaigns target federal technology infrastructure, threatening public safety and privacy, damaging the American economy, and weakening trust in government,” the agency said.

In the current threat environment, the federal government can no longer depend on conventional perimeter-based defenses to protect critical systems and data, according to the memorandum. A transition to a zero trust approach to security provides a defensible architecture for this new environment.

Also in January, the U.S. Defense Information Systems Agency (DISA) awarded a $6.8 million contract to Booz Allen Hamilton to execute Thunderdome Prototype, a zero trust security platform that it said aligns with a May 2021 executive order from the White House aimed at improving the nation’s cyber security.

During the six-month effort, the agency will test how to implement DISA’s Zero Trust Reference Architecture, which it published in March 2020 for the Department of Defense. It will do this by deploying technologies such as secure access service edge (SASE) and software-defined wide area networks (SD-WAN).

Thunderdome will also incorporate enhanced cyber security focused on data protection, and integrate with existing endpoint and identity management initiatives that are part of the zero trust effort.

DISA said Thunderdome will greatly help to defend and guard systems against sophisticated adversaries, and help modernize the agency’s cyber security infrastructure as well as improve user access to cloud-hosted applications. The deployment of Thunderdome as a new security model will achieve DoD’s overall goals to integrate network and security solutions in the cloud and enhance the protection of end-user devices, DISA said.

Aside from the recent government actions, there are three key trends underway with zero trust, says David Holmes, a senior analyst at Forrester Research focused on security and risk.

The first is that organizations are centralizing and improving their approach to identity management, which is a key component of the zero trust architecture. More are implementing technologies such as identity and access management, multi-factor authentication and single sign-on.

The second trend began during the pandemic, when organizations replaced their virtual private network (VPN) access with zero trust network access (ZTNA). “We talked with 43 organizations using ZTNA, and of those 26 said they had migrated away from VPN toward zero trust for better performance,” Holmes says.

And the third trend is a return to looking for improved security of local networks with zero trust, using technologies such as microsegmentation. “Some of these efforts were underway prior to the pandemic, but were put on hold during that time and organizations are starting to look at it again,” Holmes says.

Use cases for zero trust

There are two main use cases for zero trust among organizations today, Holmes says. One is pushing toward an overall zero trust security strategy, and the other is solving one or two specific problems, such as access, with zero trust.

“My advice to the first group, who are finding themselves in the throes of roadmap creation, is to do a zero trust gap analysis and then prioritize subprojects” such as identity and access management, multi-factor authentication, single sign-on, ZTNA and microsegmentation, Holmes says.

For the second group looking to address specific, tactical problems, Holmes advises that organizations make sure that their zero trust deployments are actually followed through and that the conventional systems they replace are indeed retired.

“For example, instead of just buying and deploying ZTNA, ensure that [the] VPN is also deprecated,” Holmes says. “If a microsegmentation project is deployed, ensure that it gets put into enforcement mode and not just alerting mode.”

Regardless of the approach, it seems that zero trust as a cyber security approach is here for the long haul.

 
