DOROS HADJIZENONOS Check Point also includes its threat emulation capabilities in the system to protect enterprises from unknown and new threats
Enterprises can protect their data – even if employees use their own devices for work – using data protection company Check Point’s Capsule system.
The system, which enforces partitions on the devices to store data and routes all business communications through a security gateway to the enterprise’s cloud, is simple to administrate and can be installed and switched on within a day, says Check Point South Africa sales manager Doros Hadjizenonos.
Further, the system combines business applications and functions on the device into a single app, including emails, calendar, contacts, virtual desktop, information and document management. It functions on devices using Android, Apple OSx, iPhone and Windows operating systems.
“The data stored in the partition, which we call a container, is encrypted and the container cannot communicate with other applications or device functions. It can communicate only through the secure gateway.
“Any additional applications that companies or individuals want to use can be included in the system, with all data encrypted. This means companies can continue to use useful or free applications and services, such as file-sharing service DropBox, as corporate documents shared through these services can be encrypted and secured,” he says.
Further, because the security functions are split between the mobile app and the cloud, the computing resources of the device are preserved, as fewer processes have to run continuously, compared with other single-function apps or solutions.
The system is role-based, which ensures that access to documents is restricted to the relevant employees. Check Point also includes security notifications, such as informing users that they are sending documents to unsecure or vulnerable emails, –private or free email services – which could expose corporate information.
“Employee actions remain the largest security vulnerability in companies, and our system aims to educate users. It informs them of the policies that they may be breaching and the possible consequences of such actions to the security of company data. It is not best practice to needlessly restrict usability beyond corporate policy, as informed and traceable decisions are more effective.”
However, Check Point also includes its threat emulation capabilities in the system to protect enterprises from unknown and new threats. This system boots up an isolated virtual machine, which runs the operating system and programs required to open an attachment or link, and then registers what the attachment or link attempts to execute on the machine.
This enables the system to determine whether an unknown file or link is malicious. Hadjizenonos invites readers to use Check Point’s emulation demonstration email address (threats@checkpoint.com) or the website https://threatemulation.checkpoint.com/ to test whether links or files are malicious. He also invites information technology managers and potential users to use the free trial version of Check Point’s Capsule: https://capsule.checkpoint.com/.
“Demand for the system has been good and we have gained a financial services firm as a customer within a week of launching the product in South Africa.
”