MGC Wallace Company

White Papers

Sophos experts and leading industry analysts have published a series of white papers addressing and discussing anti-virus and anti-spam issues as well as other related topics. Find out more about the problem of viruses, Trojans, spyware, spam and worms in the whitepapers published below.

Top Four Considerations for Securing Microsoft SharePoint

Microsoft SharePoint is now the standard for internal and external collaboration and content management in much the same way Microsoft Exchange has become the enterprise standard for email. And like Exchange, SharePoint comes with a similar set of adoption challenges: The need to maximize ROI, protect against malware and data loss and establish policies for governance and compliance. This whitepaper examines SharePoint’s key risks and recommends best practices to secure SharePoint and protect your organization’s digital assets.

Malicious JavaScript Attacks: What Can You Do?

As an IT manager, you need to be able to effectively secure all of the websites you manage to avoid attack and the subsequent infection of site visitors. You also need to protect the users within your organization from becoming victims of malware. Organizations can use specific technologies and layered protection strategies to safeguard websites and shield employees. We’ll review what to watch for, as well as the security strategies that will help keep you safe.

Security Threat Report: 2011

We will remember 2010 as a year in which our interaction with technology, and with each other, evolved due to the widespread adoption of social media and the use of innovative mobile devices.

Magic Quadrant for Endpoint Protection Platforms

Malware effectiveness continues to accelerate, while vendors are busy polishing increasingly ineffective solutions and doing little to fundamentally reduce the attack surface and protect users.

Why hackers have turned to malicious JavaScript attacks

Find out how criminals use malicious JavaScript for profit and how it impacts your business.

Strategies for Protecting Virtual Servers and Desktops

Over the past few years, virtualization technology has transformed the data center. Server virtualization enables multiple virtual servers to run off the computing power of one physical server; and due to the well-established cost benefits, this technology has become widely adopted. Now, enterprises are looking to extend these benefits to virtual desktops.

A practical guide to keeping your virtual data center safe

In the past few years, virtualization has transformed the data center. It is now a primary supporting platform for many enterprises. A wide variety of virtualization technologies are available, but only a small number of these technologies have made it to mainstream deployment.

Security Threat Report: Mid-year 2010

Halfway through 2010, cybercrime continues to evolve and grow in both scale and sophistication. Just as folks have changed their habits to accommodate new technologies and new ways of conducting their everyday business, security providers have needed to implement new strategies to cope with the massive growth in new malware and new attack vectors. Knowledge is power, and understanding the dangers posed by the modern interconnected world is the first step toward keeping one’s identity, possessions and finances safe and secure.

Social media in the enterprise: Great opportunities, great security risks

Just as consumerization drove the iPhone’s rapid growth from a consumer device to an enterprise business tool, social media, too, is being embraced as an indispensable business tool. However, as social media is organically adopted for a growing array of uses, are its security challenges receiving the necessary scrutiny? This white paper examines the transformative business effects of this technology, explores its evolution and presents ways businesses can realize its full benefits while avoiding potentially serious pitfalls.

Top 5 Threat Protection Best Practices

Today’s corporate networks face a barrage of threats, ranging from malware to accidental data loss. Your users’ endpoints receive the brunt of these attacks, and if they are not properly protected they can serve as a threat portal to the entire network. The following top five best practices offer advice to help you protect your endpoints and your network against an ever-growing body of threats.

What is FakeAV?

FakeAV, or Fake Anti-Virus, is one of the most frequently-encountered and persistent threats on the web. This malware, with over half a million variants, uses social engineering to lure users, scare them into believing their system is infected with threats that do not really exist, and then push users to purchase services to clean up the non-existent threats.

Protecting personally identifiable information

Virtually every organization acquires, uses and stores personally identifiable information about its customers, employees, patients, students and other individuals. These organizations are expected to manage this private data appropriately and take every precaution to protect it from loss, unauthorized access or theft.

Not all malware detection is created equal

The internet is now the number-one conduit for infecting users with malware. Sophos detects a new infected web page every few seconds. This white paper outlines the terms you need to know and the steps you should take to stay safe.

How to protect your critical information easily

Safeguarding massive amounts of sensitive, confidential data—from legally protected personal information to intellectual property and trade secrets—from malicious attacks and accidental loss is one of IT’s biggest challenges. With employees having greater mobility than ever before to work outside the office, the job of protecting data has never been more difficult.

Protecting Mac and Linux computers: genuine need or nice to have?

The current risk to Macs and Linux computers is small but growing. This paper investigates the threat businesses face from non-Windows platforms, examines the implications of their growing popularity, and highlights regulatory pressure to protect them.

Applications, virtualization, and devices: Taking back control

Employees installing legitimate but unauthorized applications, are a real and growing threat to business security and productivity. Removable storage media and wireless protocols make the challenge of securing data even more complex. This paper explains why control is important and highlights how integrating this functionality into malware protection is the simplest and most cost-effective solution.

NAC at the endpoint: control your network through device compliance

Protecting IT networks used to be a straightforward case of encircling computers and servers with a firewall and ensuring that all traffic passed through just one gateway. However, the increase in mobile workers, numbers and type of device and the amount of non-employees requiring network access, has led to a dissolving of that network perimeter. Access requests can come from anyone and anywhere, which is why organizations are turning to network access control (NAC) technologies. This paper discusses why NAC is important and how it should be implemented on the endpoint for maximum protection.

Effective email policies: why enforcing proper use is critical to security

The unmonitored and unguarded use of email by employees poses a multitude of risks to organizations. The distribution of inappropriate or offensive content, malicious emails, and the risks of data leakage all threaten working environments, IT resources and an organization’s reputation. A comprehensive, transparent and enforceable email acceptable use policy (AUP), combined with robust email security solutions, dramatically reduces exposure to these risks. This paper provides practical guidance on developing and enforcing an email AUP that meets the combined requirements of an organization’s IT, HR and legal departments.

Effective web policies: ensuring staff productivity and legal compliance

Employees increasingly expect to use the internet at work for their own personal use in return for longer hours, taking work home with them and interrupting vacations. This has a number of security, productivity, bandwidth and legal ramifications that require organizations to create and implement a web usage policy that is backed up by effective web filtering tools. This paper discusses how to create a policy that balances an organization’s need for protection against an individual’s expectations.

Protecting against tomorrow’s threats today – proactive security from SophosLabs

Today’s cybercriminals are constantly looking for new vulnerabilities to exploit, they use fast-changing, low-profile threats to infect and hijack computers across the business network. This paper describes how SophosLabs uses its global visibility and 24/7 research operations to facilitate powerful integration of expertise, automation and technology to provide the proactive protection and rapid response that businesses need.