Sophos expands hybrid work security with new workspace protection suite

New browser-centric approach helps organizations control AI use, reduce infrastructure complexity, and secure distributed work environments.

Joe Levy, CEO of Sophos

Sophos has introduced Workspace Protection, a new solution designed to help organizations secure hybrid work environments while maintaining visibility and control over emerging technologies such as artificial intelligence. The launch broadens the company’s security portfolio with a model that focuses on protecting the workspace itself rather than relying solely on traditional network-based architectures.

As hybrid work models become permanent and SaaS adoption accelerates, many organizations have relied on layered SASE and SSE deployments to secure users and applications. While effective in some scenarios, these architectures can demand significant infrastructure, expertise, and operational management. The result is often increased cost and complexity, with persistent blind spots in how applications, data, and AI tools are actually used.

Workspace Protection takes a different path. Instead of routing traffic through centralized systems, it embeds controls directly into the workspace, allowing protections to follow users, applications, and data wherever work happens. This design aims to reduce operational overhead while delivering consistent policy enforcement across corporate offices and remote locations.

At the center of the offering is the Sophos Protected Browser, powered by Island and integrated with the Sophos Central platform. With most of today’s work conducted in web browsers, the solution places security controls inside the environment where employees already operate. Organizations can manage application access, oversee data handling, and apply web policies without disrupting user workflows.

The announcement comes as companies grapple with the rapid adoption of generative AI and other emerging tools. Studies indicate that a growing share of employees are already using AI applications in their daily work, often before governance frameworks are established. This trend has intensified concerns around Shadow IT and Shadow AI, where unsanctioned tools may expose sensitive data or create compliance risks.

By providing visibility at the workspace level, Sophos aims to give security teams greater insight into how applications and AI tools are being used, enabling more informed risk management and policy enforcement.

The Workspace Protection suite combines several integrated components that can be deployed together or individually. These include a Chromium-based secure enterprise browser with granular controls over application usage and local data handling; Zero Trust Network Access capabilities that grant secure, posture-based access to private applications; a cloud-delivered DNS security service that blocks malicious or unwanted domains; and an email monitoring add-on that enhances protection against phishing and other threats within Microsoft and Google environments.

Industry analysts view this browser-focused approach as a pragmatic evolution in hybrid work security. By shifting enforcement closer to the endpoint and browser, organizations can achieve many of the outcomes traditionally associated with SASE and SSE, such as access control and web protection, without adding another layer of infrastructure.

Company executives emphasize that the goal is to balance security with usability. As hybrid work and AI adoption continue to reshape enterprise environments, Sophos positions Workspace Protection as a streamlined alternative for organizations seeking stronger governance over applications and data, without introducing additional operational strain.

With this launch, Sophos signals a broader shift in how enterprise security is delivered—moving from perimeter-based models toward embedded, workspace-level protection designed for the realities of modern work.