{"id":22390,"date":"2023-07-06T03:20:55","date_gmt":"2023-07-06T11:20:55","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2023\/07\/06\/news-16120\/"},"modified":"2023-07-06T03:20:55","modified_gmt":"2023-07-06T11:20:55","slug":"news-16120","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2023\/07\/06\/news-16120\/","title":{"rendered":"Health Scores added to the Sophos Account Health Check"},"content":{"rendered":"<p><strong>Credit to Author: rajansanhotra| Date: Thu, 06 Jul 2023 09:15:26 +0000<\/strong><\/p>\n<div class=\"entry-content lg:prose-lg mx-auto prose max-w-4xl\">\n<p><span data-contrast=\"auto\">The <\/span><a href=\"https:\/\/news.sophos.com\/en-us\/2022\/09\/05\/sophos-account-health-check\/\"><span data-contrast=\"none\">Sophos Account Health Check<\/span><\/a><span data-contrast=\"auto\"> enables customers running Sophos Endpoint and Sophos Server Protection to quickly identify and address configuration issues with their Sophos protected devices.\u00a0<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559737&quot;:60,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Accessed through the Sophos Central platform, the Health Check performs checks across four areas, with more coming soon:<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559737&quot;:60,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"3\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><span data-contrast=\"auto\"><strong>Software 
assignment<\/strong> \u2013 do devices have all the right software assigned to them?<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559737&quot;:60,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"3\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><span data-contrast=\"auto\"><strong>Threat policy<\/strong> \u200b\u2013 are policies using recommended settings?<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559737&quot;:60,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"3\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><span data-contrast=\"auto\"><strong>Exclusions<\/strong>\u200b \u2013 are any exclusions creating significant exposure?\u200b<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559737&quot;:60,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"3\" 
data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><span data-contrast=\"auto\"><strong>Tamper protection<\/strong> \u2013 has tamper protection been disabled?<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559737&quot;:60,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">Should an issue be identified, the \u2018Fix Automatically\u2019 option enables customers to address insecure configurations in just a couple of clicks.\u00a0<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559737&quot;:60,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">We continue to extend and enhance this hugely popular feature and have recently introduced the ability to \u2018snooze\u2019 failing checks, enabling customers to come back and review them later, together with new Health Scores.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559737&quot;:60,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<h2><span class=\"TextRun SCXW28042466 BCX0\" lang=\"EN-GB\" xml:lang=\"EN-GB\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW28042466 BCX0\">Health Score<\/span><span class=\"NormalTextRun SCXW28042466 BCX0\">s<\/span><\/span><span class=\"EOP SCXW28042466 BCX0\" data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559737&quot;:60,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">This new feature provides a simple, clear numeric security posture score out of 100. 
It enables customers running Sophos Endpoint and Server Protection to quickly identify configurations that require attention, and to track and report on efforts to improve their security configurations. It includes an overall score for the customer environment as well as individual scores for each separate check.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559737&quot;:60,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">As with other elements of the Sophos Account Health Check, the scores are a useful tool in overall cybersecurity posture management and should be used alongside broader assessments of your wider environment and security technology stack to provide a complete picture of your cyber health.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559737&quot;:60,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">The screenshot below illustrates the multiple layers of scoring that are provided. 
This account has an overall health score of 74, which is the result of a protection score of 45, a policies score of 99, a tamper protection score of 45, and an exclusions score of 88.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559737&quot;:60,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/07\/Dark-Mode-002.png\"><img decoding=\"async\" loading=\"lazy\" class=\"alignnone wp-image-92503\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/07\/Dark-Mode-002.png?w=300\" alt=\"\" width=\"831\" height=\"465\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/07\/Dark-Mode-002.png 1781w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/07\/Dark-Mode-002.png?resize=300,168 300w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/07\/Dark-Mode-002.png?resize=768,431 768w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/07\/Dark-Mode-002.png?resize=1024,574 1024w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/07\/Dark-Mode-002.png?resize=1536,862 1536w\" sizes=\"auto, (max-width: 831px) 100vw, 831px\" \/><\/a><\/p>\n<h2>Score Focus: Protection Installed<\/h2>\n<p>The protection installed score of 45 in the above example is a combination of an endpoint protection score of 0 (indicating that none of the 30 devices have all the Sophos protection software that the customer has licensed installed on them) and a server protection score of 90 (one device out of ten doesn\u2019t have the licensed protection software installed). These two individual scores result in an overall protection score of 45 ((0 + 90) \/ 2).<\/p>\n<p>As this example illustrates, the overall scores are the <em>summed average <\/em>of the individual scores, <em>not a<\/em> <em>weighted average or percentage<\/em>. The score of 45 does not reflect the disparity in the number of server and endpoint devices. 
This is a deliberate approach to ensure small but critical areas of protection do not get missed.<\/p>\n<p>Consider, for example, an organization with 200 endpoints that are all running up-to-date protection and 10 servers, of which five are unprotected. The weighted average score would be 98 (205 \/ 210) but the summed average is 75 ((100 + 50) \/ 2). Using the weighted average, it would be easy to overlook the lack of server protection, with potentially devastating consequences.<\/p>\n<h2>Score Focus: Tamper Protection<\/h2>\n<p>Tamper protection is a critical layer of defense, preventing adversaries from disabling Sophos protection. (Read <a href=\"https:\/\/news.sophos.com\/en-us\/2022\/12\/13\/sophos-endpoint-tamper-protection-thwarts-a-sophisticated-ransomware-attack\/\">this article<\/a> to learn how the Tamper Protection capability in Sophos Endpoint thwarted a novel ransomware attack.)<\/p>\n<p>While Tamper Protection is always turned on by default, it can be turned off at both a global and individual device level. In the example below, the global tamper protection score of 100 reflects that the feature has been activated at a global level; however, the endpoint (0) and server (90) tamper protection scores make clear that it has been disabled on a number of individual machines. The overall score of 45 reflects the average of the endpoint and server scores. 
This granularity is important in ensuring that gaps in protection are not missed.<a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/07\/Tamper-Protection.png\"><img decoding=\"async\" loading=\"lazy\" class=\"alignnone wp-image-92505\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/07\/Tamper-Protection.png?w=300\" alt=\"\" width=\"830\" height=\"166\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/07\/Tamper-Protection.png?resize=300,61 300w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/07\/Tamper-Protection.png?resize=768,155 768w\" sizes=\"auto, (max-width: 830px) 100vw, 830px\" \/><\/a><\/p>\n<h2>Score Focus: Exclusions<\/h2>\n<p>The exclusion score leverages real-world insights from the Sophos MDR team to focus on the most common and impactful issues, such as the exclusion of an entire drive.<a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/07\/Exclusions.png\"><img decoding=\"async\" loading=\"lazy\" class=\"alignnone wp-image-92506\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/07\/Exclusions.png?w=300\" alt=\"\" width=\"828\" height=\"196\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/07\/Exclusions.png 1469w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/07\/Exclusions.png?resize=300,71 300w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/07\/Exclusions.png?resize=768,182 768w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/07\/Exclusions.png?resize=1024,243 1024w\" sizes=\"auto, (max-width: 828px) 100vw, 828px\" \/><\/a><\/p>\n<p>The Account Health Check assesses the types of exclusions that we have checks for, focusing on the biggest security risks and the issues most seen in the wild.<\/p>\n<p>The score reflects the proportion of assessed exclusions where we have not identified any issues. 
For example, if an organization has one exclusion that we check for and one that we don\u2019t cover, their score would be based solely on the exclusion that we check for (in this case, 0 or 100). It\u2019s important to note that a score doesn\u2019t mean that it is perfect, rather that we have <em>not identified it as insecure<\/em>.<\/p>\n<p>Each organization is different and it\u2019s important to be aware that the Exclusions score is not an exhaustive review of all possible exclusions. Should you require an in-depth, personalized review of exclusions in the context of your own organization, our Professional Services team is able to help.<\/p>\n<h2>New Snooze Feature<\/h2>\n<p>While it may not always be possible to rectify an issue straight away, it\u2019s essential not to lose sight of it. The new Snooze feature enables you to defer review to a later date, for example if you\u2019re in a change freeze or if you\u2019re rolling out a fix gradually.\u00a0When an item is snoozed, it changes to gray in the dashboard to provide an ongoing visual reminder of an outstanding item.<\/p>\n<p><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/07\/Snooze.png\"><img decoding=\"async\" loading=\"lazy\" class=\"alignnone wp-image-92507\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/07\/Snooze.png?w=300\" alt=\"\" width=\"830\" height=\"487\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/07\/Snooze.png?resize=300,177 300w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/07\/Snooze.png?resize=768,452 768w\" sizes=\"auto, (max-width: 830px) 100vw, 830px\" \/><\/a><\/p>\n<h2>Get Checking!<\/h2>\n<p>The Account Health Check is available to all customers running Sophos Endpoint or Sophos Server Protection in the Sophos Central console. 
We recommend organizations review their posture on, at minimum, a monthly basis.<\/p>\n<p>For more information, check out the <a href=\"https:\/\/doc.sophos.com\/central\/customer\/help\/en-us\/ManageYourProducts\/AccountHealthCheck\/HealthCheckScores\/index.html\">Health Check Scores<\/a> and <a href=\"https:\/\/doc.sophos.com\/central\/customer\/help\/en-us\/ManageYourProducts\/AccountHealthCheck\/SnoozeHealthIssues\/index.html\">Snooze Issues<\/a> pages in Sophos Central Admin.<\/p>\n<p>We are continuing to develop the Account Health Check capability and will be adding further checks and remediation guidance in the coming months. Should you need help running the check, speak to your Sophos partner or representative, or reach out to the <a href=\"https:\/\/www.sophos.com\/en-us\/support\">Sophos technical support team<\/a>.<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<\/p><\/div>\n<p><a href=\"https:\/\/news.sophos.com\/en-us\/2023\/07\/06\/health-scores-added-to-the-sophos-account-health-check\/\" target=\"bwo\" >http:\/\/feeds.feedburner.com\/sophos\/dgdY<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/07\/Account-Health-Check-3.png\"\/><\/p>\n<p><strong>Credit to Author: rajansanhotra| Date: Thu, 06 Jul 2023 09:15:26 +0000<\/strong><\/p>\n<p>Quickly identify areas needing attention in your Sophos Endpoint and Server Protection, and track progress in posture 
improvement<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10377],"tags":[29741,11179,24562,19056],"class_list":["post-22390","post","type-post","status-publish","format-standard","hentry","category-security","category-sophos","tag-account-health-check","tag-endpoint","tag-products-services","tag-sophos-endpoint"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/22390","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=22390"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/22390\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=22390"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=22390"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=22390"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}