Most companies have done a good job providing secure access to resources for their remote users. While it has worked relatively well for the short term, it’s looking like the remote work paradigm may be around for a long time. So how can companies ensure full security across the board for remote workers and the assets they manage? Check Point Software Technologies says it has the answer to securing remote work.
Check Point starts with the assumption that one comprehensive, integrated solution is better than a series of point solutions. With that in mind, the company this week introduced Harmony, a unified cloud-based solution for securing remote work that combines endpoint, browser, email and productivity apps, and zero-trust network access.
All capabilities are integrated and managed through Check Point’s Infinity Portal, which provides teams with unified policy management, consolidated security reports, event management and forensics for all Harmony solutions. It also includes the capabilities of Check Point’s CloudGuard platform for cloud-native security, and its Quantum network security. All logs and security events are stored in the Infinity Portal’s cloud-native big data platform, enabling vast amounts of data to be quickly searched and analyzed, providing unified visibility of malicious activity across Harmony solutions, explained Brian Gleeson, head of Infinity product marketing.
In addition to elevating some Check Point capabilities that often fly under the radar—especially endpoint, mobile and email security—this solution takes a more user-centric approach to the secure remote access issue than is typical, said John Grady, senior analyst for network security at ESG.
“We’ve seen a lot of attention around zero-trust network access, which is heavily focused on ensuring corporate application and resource access is secure. Harmony ties in more user protections for an end-to-end approach,” he said.
More specifically, Harmony offers:
- Privacy and full web security. Through its new Harmony Browse, the solution provides secure, private web browsing by inspecting all Secure Sockets Layer (SSL) traffic directly on the endpoint without adding latency or rerouting traffic through a secure web service. It blocks a wide array of malware while keeping users’ browsing history private. The privacy aspect of doing SSL decryption on the device rather than in the cloud or on the gateway is important, Grady said. “We know encrypted threats continue to rise in prevalence, but organizations are leery of infringing on privacy and decrypting too many packets. Doing it on the device maintains privacy while ensuring attacks can’t obfuscate via encrypted traffic.”
- Secure remote access from all devices, from any location. It supports clientless zero-trust network access from any browser.
- Protection for users’ email and productivity apps such as Microsoft Office 365, Exchange and Google G Suite.
- Comprehensive endpoint and device security. It secures employees’ mobile devices against malicious apps and network or OS attacks.
While there are other ways to get the same functionality that Harmony offers—namely, individual security solutions—Grady said Check Point’s approach may lead to more efficient management, more effective security, better vendor management and simpler licensing.
“There is so much overlap across security products these days—from secure web gateways, CASB [cloud access security broker] and data loss prevention to next-generation firewalls, zero-trust network access and VPNs,” he said. “Replicating policy and ensuring consistency has become increasingly difficult. Converging a lot of these controls makes that easier and should improve security as a result. Our research has found that organizations are looking for platform approaches to reduce the number of vendors in their environment, develop more strategic relationships with them and improve their economies of scale relative to procurement.”