Sophos Central Device Encryption

Because our clients have top-secret products and processes, we must work on a highly secure network. We also need to protect our data from hackers, so we need complete control over network security. To allow certain websites and block others, Sophos Central makes it easy to granularly control each device on the network, as well as overall internet security rules.

It is mid-level when it comes to running it by a non-IT person. I have no technical/IT training and can figure out on my own (or with a little web search) how to do most tasks. It may not be best for the very tech-challenged operator.

We have rolled out Sophos Central Device Encryption at multiple organizations. As administrators, we now have more control and oversight over the security of our endpoints. Through the real-time dashboard, I can see which systems are fully encrypted with BitLocker and where further action is needed. The rollout went smoothly: BitLocker was automatically activated without any user issues. Thanks to the self-service recovery portal, support requests have dropped significantly. Management is now more streamlined, and we can better meet compliance requirements.

We recently rolled out Sophos Central Device Encryption for a client, and the results were fantastic. Thanks to centralized management, we can monitor all devices in a single overview without additional infrastructure. The implementation was quick- no separate agent required, everything integrated into their existing Sophos solution. What proved especially useful was the self-service portal for recovery codes; this significantly reduced support tickets. Additionally, the real-time reporting is invaluable for audits and compliance. Especially when combined with Intercept X, it provides a solid, comprehensive security solution. I believe this could also be an excellent solution for several other clients.

My organization uses Sophos Central Device Encryption to protect corporate endpoints with encryption and BitLocker management from its web-based Sophos Cloud solution. It addressed the need for encryption on mobile devices and provided a necessary solution while allowing us to manage the encryption, passwords, access, and removal of the keys in case the device is lost.

Sophos Central Device Encryption provides robust, centralized management of BitLocker and FileVault. Its seamless integration, simplified key recovery, and compliance reporting make it ideal for effectively securing data. However, it can be complex to configure for some environments. The reliance on specific hardware and software can lead to compatibility issues and increased administrative overhead for smaller teams.

A easy way to central manage Bitlocker throughout a clients network. Force new endpoints to start encrypting the hard drive As well as centrally keep a copy of Bitlocker recovery keys.

If you need to enforce hard drive encryption throughout your company and want a way to centrally rollout, enforce and manage. Then Sophos Central Device Encryption will work for you. Also keep in mind that when it comes to managing Bitlocker, you dont need something flashy, It needs to enforce a policy, keep track of Decryption keys for easy recovery. And thats about it

We wanted to ensure our endpoints are secure and protected. We wanted to make sure the right access and policies are driven across the organisation and right amount of visibility is provided. Also from the compliances perspective we wanted to make sure that we are covered. Sophos Central Device Encryption provided a centralised control for the IT team to monitor in case of any attack making sure that CXs are in peace of mind wrt to the data and device at risk.

If you want to cover your Infra from the compliances standpoint along with security and encryption posture then this is the solution you should sign up for. If there huge endpoints in your org, with this solution and with the expertise of Sophos Central Device Encryption in this domain you can safeguard your end points and the terminals along with network at the outset making sure that the stakeholders are at peace.

Sophos Central Device Encryption has been a huge help with compliance based issues. Customers that need extra protection and assurance have come to count on Sophos Central Device Encryption. We have sold it to many enterprises and small business clients who needed it for a variety of reasons including, protecting client laptops, meeting the needs for cyber security portfolios, and giving CEO's peace of mind knowing their networks are more secure.

Sophos is great in many cases, when a client asks about getting cyber security insurance, I can feel confident starting with Sophos Central Device Encryption. If a client has between 50-200 users, this product is very strong. This product is not suited for business cases where users are 0-25 unless they have both the budget and the specific need.

We migrated from an on-premise Sophos SafeGuard solution. This was coupled with a separate on-premise Sophos Anti Virus. So the systems were on two separate on-premise servers. Also, this meant our users who were increasingly working away from the office, needed to be on the corporate VPN to be able to pick up new definitions and new policies. We migrated to Sophos Central. This is a single online, internet-facing portal that now contains both our Anti Virus and Encryption solutions. We are also a global business and can now have a single global system, with different 'region specific' policies that are applied by putting the endpoint into the region's group. This is much better for administering the systems and also for the users not having to connect to the VPN.

We found the incorporated system of both AV and Encryption to be an absolute breath of fresh air for us.
It is great for small and mid-sized companies. We rolled this out across our 4 global regions. We created region-specific groups for our endpoints and placed the appropriate endpoints into those groups. [Then] we defined policies for AV and Encryption that would be used inter-region and assigned roles to the different regions' support staff. Great stuff.

SafeGuard is deployed on all laptops to provide full disk encryption to protect our companies and clients data at all times. It also allows us to monitor that encryption status of all our company laptops.

Enforcing full disk in encryption in a corporate or enterprise level IT department.

Not ideal if performance is critical, SSD hard drives can be used to mitigate performance.

We use Sophos for our email security. Together with Sophos partner we manage to use Sophos to encrypt certain emails. And we manage to use Sophos for the approval of the encrypted email. Before the email is sent to the recipient, the encrypted email will be quarantined. Once the IT Security gets the approval from the sender's Division Head, then IT Security releases the email. And the sender will receive the key for decryption, and sender needs to forward it to the recipient.

From my experience Sophos could give us a proper email security solution at that time. However once the requirements of the security gets bigger such as machine learning, at that time we do not find it in Sophos. Despite all, we are really satisfied with the Sophos email security solution that we use.

[It's being used by the] Organization to protect data using the Safeguard SOPHOS disk encryption solution. Sophos disk encryption is implemented across the globe/within entities.

Well Suited

• Large organization, centralized management

Less Appropriate

• Cross-domain functional, trust relationship creates problem