Sophos Breach Tied to Partner Portal

Entrust CTO

Security Week reports in, “Sophos Kills Partner Portal After Suffering Breach” that the security firm Sophos has disabled its partner portal after discovering a breach.

They aren’t saying much yet — kudos to them for their disclosure and response — but they think that the breach came from an older part of their portal, and not their new one hosted by SFDC. They expect the portal to come back after this week’s holidays.

I recommend two-factor authentication as a big help. I know a company that has a wide range of options including soft tokens that can run on smartphones. They got a perfect score from SC Magazine, are a price leader, and also won their award for Best Multifactor Authentication.

(Full disclosure — I work for them.)

Entrust CTO
Entrust CTO
Chief Technology Officer


  1. Chris December 15, 2013 Reply

    Winner against what competition? Looks like it has no protection against phishing or main-in-the-middle attacks (eg: malicious free wifi) or MitB malware, or basically, looks useless for todays internet

    • Geoff Blaine
      Entrust Inc. December 17, 2013 Reply

      The current version of Entrust IdentityGuard is designed specifically for “today’s Internet” to defend against threats such as MITB and MITM. As an example, the platform establishes a secure channel (TLS) between the Web application and mobile device to create a secure out-of-band channel to thwart any type of MITM or MITB attack. The post in question is more than 18 months, but you’re correct in stating it’s a fast-moving industry and threat vectors are dynamic and sophisticated. While the human element is always the weakest link in defending against concerns like phishing, mobile device certificates and authenticated VPN sessions are necessary to protect from threats like malicious Wi-Fi. Your concern perfectly shows how far the threat landscape has evolved in just 18 months.

Add to the Conversation