Sophos ZTNA is the first zero trust network access (ZTNA) service that completely integrates with Sophos Intercept X, the industry’s premier next-generation endpoint solution, combining enhanced endpoint security and zero trust network access with a single agent. Sophos ZTNA delivers a transparent and scalable security approach for linking users and devices to apps and data, strengthening and simplifying the prevention of ransomware and other sophisticated cybersecurity threats.
“Many traditional remote access solutions, like remote desktops and IPsec and SSL-VPN, provide strong encryption, but very little else in defense against modern threats. We see attackers increasingly exploiting these limitations, stuffing credentials into RDP and VPNs to gain access to victim networks, and then moving freely once inside, all too often culminating in costly data theft and ransomware incidents,” said Joe Levy, chief technology and product officer at Sophos.
He added, “People, applications, devices, and data aren’t constrained to offices anymore – they’re everywhere, and we need more modern ways to secure them. Zero trust is a very effective cybersecurity principle, and ZTNA embodies it in a practical, easy to use way, ensuring that users have secure access to only the resources that they need.”
“The future of work will be hybrid, making it imperative that organizations are able to protect remote workers, remote data and remote applications,” said Christopher Rodriguez, research director, Network Security Products at IDC.
He added, “By integrating ZTNA with endpoint protection, Sophos ZTNA enables risk-appropriate access to resources from any device, at any time and from any location. Trust is a key factor in business today – one that requires critical security controls to protect against business-impacting events, such as ransomware and data compromise.”
Sophos also released fresh research today titled “Windows Services Lay the Groundwork for a Midas Ransomware Attack,” emphasising the significance of ZTNA. The study shows how attackers were able to stay undetected in a target’s environment for nearly two months by exploiting weak access controls and network and application segregation, which would have been better protected with ZTNA. Before unleashing the Midas ransomware, the attackers utilised “ghost” remote access techniques that were no longer in use to move laterally, target and infiltrate other machines, create new accounts, install back doors, and exfiltrate data.
Sophos ZTNA removes the complexities of managing multiple vendor products and agents, and provides end-to-end protection for endpoints, users, their identities, and the applications and networks to which they connect, thanks to its unique integration with Sophos Intercept X, including Sophos Extended Detection and Response (XDR), Sophos Managed Threat Response, and other solutions using its technology. Sophos ZTNA, as part of the Sophos Adaptive Cybersecurity Ecosystem, exchanges real-time threat intelligence with other solutions and responds to attacks automatically. When the solutions work together, they may better identify active threats and analyse device health, allowing compromised and non-compliant devices to be isolated rapidly.
To protect against intrusions, lateral movement, and data theft, Sophos ZTNA microsegments networks. It constantly verifies user identities using numerous factors and validates device health, giving consumers stronger access controls and denying attackers a foothold. Unlike VPNs, which let users access the whole network, Sophos ZTNA eliminates implicit trust and only allows users access to certain apps and systems. By trusting nothing and validating everything, Sophos ZTNA increases security, simplifies security administration for IT managers, and provides a smooth experience for remote workers.