Network Boundaries Have Gone Mobile

Mobile Security White Paper KEY CAPABILITIES • Secure access control for business resources • Locally stored business data is sandboxed and encrypted • Integrated encrypted communication for remote access • Remote wipe of business data only • Detection and prevention of rooted and jail-broken mobile devices • Single Sign-On (SSO) for ease of use and increased security • Supported on iOS and Android devices Whether your current solutions have all four, two or only one of the above issues, they are still not good enough. That is because the real objective is to provide a seamless mobile experience that maximizes workforce productivity without compromising security. And none of...
Mobile Security White Paper KEY CAPABILITIES • Secure access control for business resources • Locally stored business data is sandboxed and encrypted • Integrated encrypted communication for remote access • Remote wipe of business data only • Detection and prevention of rooted and jail-broken mobile devices • Single Sign-On (SSO) for ease of use and increased security • Supported on iOS and Android devices Whether your current solutions have all four, two or only one of the above issues, they are still not good enough. That is because the real objective is to provide a seamless mobile experience that maximizes workforce productivity without compromising security. And none of the solutions on the market today provide network, device and data protection in a single solution. OPTIMAL MOBILE SECURITY: SEAMLESS PROTECTION IN A SINGLE SOLUTION Assuming equivalent coverage, every IT department would tell you they prefer to manage a single integrated solution rather than multiple individual ones. A seamless integrated solution with multiple mobile security capabilities is the preferred approach. This type of approach is important, because when managing a network, it is vital to have granular control. Granularity is the ability to zoom in to manage individual devices or documents, or zoom out to see your entire network. Check Point recognized this and built a complete mobile security solution, called Check Point Capsule. It enables secure and easy access to your business data without interfering with your personal data or applications, extends your company’s internal security policies to mobile devices, and provides seamless protection for business documents that is unmatched in the market. Check Point Capsule is built with both the user and IT manager in mind. It provides the simplicity and usage freedoms the users demand, and the management granularity and security the IT department requires. As an integrated solution, Check Point Capsule is not prone to the security gaps that typically accompany loosely integrated individual products. It is designed for complete protection. The complete mobile security experience is what truly sets Check Point Capsule apart. The following sections describe the protection capabilities it provides. Its ease of use combined with its protection granularity will empower your organization’s mobile workforce. SECURING DEVICES Many companies don’t bother creating a separate layer of security on their employee’s mobile devices. They rely on the default security provided with the mobile device. When they implement an additional layer, they typically use a Mobile Device Management (MDM) solution. Lost or stolen phones can cause sensitive business data to be compromised. In the U.S. alone, over 4.5 million cell phones were lost or stolen in 2013.3 The number of phones and tablets lost temporarily is likely much higher. When the device is owned by the employee and allowed to access the corporate network under a Bring Your Own Device (BYOD) policy, the employee’s valuable personal data is mixed with business data on the same device. When a device is managed through MDM solutions, the entire device could get wiped if IT suspected it might be compromised. Instead, the better solution would be to protect business data without impacting personal data on the phone in a situation where it may have been lost or stolen. Check Point Capsule is an application that provides a secure and encrypted environment for business data on mobile devices. This prevents data leakage between personal and business data. It is accessed via a personal identification number (PIN) that is separate from the phone’s lock screen PIN. Once entered, the user has access to their corporate email, calendar, and contacts as well as secure documents, web-based applications and their organization’s secure intranet. 3 Juniper Research, December 2013 ©2014 Check Point Software Technologies Ltd. All rights reserved | 3 Mobile Security White Paper KEY CAPABILITIES Check Point Capsule is simple to install, configures automatically and works on any iOS or Android mobile device. In the case of a compromised device or employment termination, all data and access enabled through the application can be erased remotely without impacting any of the employee’s personal data. • Secure documents by default upon creation • Access documents without passwords • Create document access authorization by group or individual Organizations implementing the Check Point Capsule benefit from the increased productivity that comes with mobility without compromising on device security. • View and edit documents on personal computers, iOS and Android smartphones and tablets • Permissions can be set to: read, edit, print, change classification, remove protection, modify authorized users, print screen, and copy/paste • Encryption to protect sensitive data • Monitor document access and use history SECURING DOCUMENTS Most organizations today either opt to not protect documents at all, or protect them using basic password protections. Besides having to remember them, the downside of passwords is that once someone has them, they have access to that document forever. Sharing documents with coworkers, partners, and customers is a daily activity in business today. On average, sensitive data is sent outside organizations every 49 minutes.4 Almost 85% of organizations have used Dropbox to share business documents.5 Think about the several means of sharing data today and number of security gaps they leave. Sensitive documents get attached to emails, shared on cloud sharing sites, transferred via FTP or put on USB thumb drives and exchanged every business day. Once a document leaves the organization, there is typically no insight or control over WHO is accessing it and HOW else it is being shared. Check Point Capsule provides a complete document security solution. Users establish security when they create documents. They can encrypt sensitive documents, as well as define who can access that document and what they can do with it. Authorized recipients can seamlessly access and use documents without the need to remember passwords. On premise management enables organizations to verify and audit who has shared documents, review usage history, and remotely revoke access. Check Point Capsule also provides document tracking and controls throughout the document’s lifespan. Documents can be shared with confidence, because security follows the document wherever it goes throughout its life. 4 5 Source: Check Point 2014 Security Report Source: Check Point 2014 Security Report ©2014 Check Point Software Technologies Ltd. All rights reserved | 4
Download