BSI Cybersecurity and Information Resilience (UK) Ltd

Proofpoint Threat Protection Suite

Proofpoint Email Protection stops malware and non-malware threats and granular filtering to control SPAM. Targeted Attack Protection detects and blocks advanced threats, including ransomware. We detect known threats never-before-seen attacks that use malicious attachments and URLs.

Features

  • URLs Sandboxing time of click, time of delivery (predictive analysis).
  • Sandboxing of URLs found inside attachments.
  • Attachment Sandboxing
  • Owns all security technology in solution
  • Attachments delivered as-is (unaltered state)
  • Granular threat forensics (name, indicators of compromise, exploit environment)
  • Smart Search: Comprehensive message tracing across mail agents in seconds.
  • Dedicated threat research team keeping up with changing threat landscape
  • Dynamic Imposter email classifier rules adjust as attackers change tactics

Benefits

  • Protects people from malicious attachments in email
  • Protects people from malicious URL's in attachments and email
  • Respond to threats faster
  • Protects people from impersonation attacks
  • Deployment On-Prem or Cloud
  • Threat analysis through TAP Dashboard
  • Community based intelligence contains more than 800 billion data points

Pricing

£22.71 to £32.51 per user per year

Service documents

Framework

G-Cloud 11

Service ID

8 8 3 4 9 8 3 3 5 4 2 9 5 6 9

Contact

BSI Cybersecurity and Information Resilience (UK) Ltd

Neil Ryan

+353 (1) 210 1711

gcloud@bsigroup.com

Service scope

Service scope
Software add-on or extension Yes
What software services is the service an extension to Extension to messaging platform services – eg On Premise Exchange, Office 365, Google Apps
Cloud deployment model Private cloud
Service constraints See Service Level Agreement
System requirements Existing mail server, eg; Exchange, o365, Zimbra, Lotus Notes

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Dependant on Service Level Purchased;
Support Portal - All Levels
Telephone Support Business Hours
Telephone Support 365x24x7
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels Self-Service, Platinum, Premium & Global

Self-Service: primary access via portal, phone support limited to business hours P1 issues, 2 authorised support contacts

Platinum: access via portal and phone, phone support for all priorities during business hours plus P1 issues 24x7, 4 authorised support contacts

Premium: access via portal and phone, phone support for all priorities during business hours plus P1 issues 24x7, 6 authorised support contacts, assigned Technical Account Manager 

Global: available to Platinum and Premium only. phone access for all cases, all priorities 24x7x365, 12 authorised support contacts
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Installation and training / knowledge share available with dedicated engineer
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Data extraction tools driven by customer.
End-of-contract process Services cease to function.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install Yes
Compatible operating systems
  • Android
  • IOS
  • MacOS
  • Windows
  • Windows Phone
  • Other
Designed for use on mobile devices Yes
Differences between the mobile and desktop service N/A
Service interface No
API Yes
What users can and can't do using the API Utilisation of a reporting dashboard - eg Palo Alto
API documentation Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment No
Customisation available No

Scaling

Scaling
Independence of resources All Proofpoint SaaS systems are actively monitored with local agents collecting hundreds of metrics specific to hardware, networking, and OS. All metrics are measured against a baseline compiled from historical data. Acceptable thresholds are defined based on a combination of optimal performance targets and historical baselines.

Analytics

Analytics
Service usage metrics Yes
Metrics types Granular Reporting of message flow, deep analysis into threats
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Reseller providing extra features and support
Organisation whose services are being resold Proofpoint, Zscaler, BitSight, Okta, McAfee, Qualys, Nessus, Druva

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Other
Other data at rest protection approach TBC
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Data extraction tools driven by customer.
Data export formats Other
Data import formats Other

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection between networks Proofpoint has documented information security program consisting of policies, procedures and standards that aligns with the requirements of NIST 800-53 and ISO 27001. The program is owned by the Proofpoint Global Information Security group, and includes a continuous monitoring program consisting of monthly and quarterly evidence collection and review, and an annual SOC 2 Type II audit of the program.
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability https://www.proofpoint.com/sites/default/files/general_terms_hosted_services_sla_-_mar_2016.pdf
Approach to resilience https://www.proofpoint.com/sites/default/files/general_terms_hosted_services_sla_-_mar_2016.pdf
Outage reporting https://www.proofpoint.com/sites/default/files/general_terms_hosted_services_sla_-_mar_2016.pdf

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
Other user authentication Identity federation with existing provider (for example Google apps)

Username or password
Access restrictions in management interfaces and support channels Identity federation with existing provider (for example Google apps)

Username or password
Access restriction testing frequency At least every 6 months
Management access authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
Description of management access authentication TBC

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification Yes
CSA STAR accreditation date 16/06/2016
CSA STAR certification level Level 1: CSA STAR Self-Assessment
What the CSA STAR doesn’t cover None
PCI certification No
Other security certifications Yes
Any other security certifications
  • CSA STAR Self Assessment Registry
  • TRUSTe Data Privacy Assessment
  • Privacy Shield Framework

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes NIST 800-53

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Proofpoint Security Awareness Training has an established change management program that covers processes, procedures, technical implementations, security controls, infrastructure, and more. All changes are documented in a Change Ticket and reviewed and approved by the Change Review Board prior to implementation in the Proofpoint production environment.
Vulnerability management type Undisclosed
Vulnerability management approach Proofpoint has a documented Patch Management Policy that includes procedures for remediation, testing and promotion to the Proofpoint production environment. Vulnerabilities are prioritized based on applicability and criticality.
Protective monitoring type Undisclosed
Protective monitoring approach Proofpoint has implemented a security monitoring infrastructure that includes network-based IDS, quarterly external vulnerability scanning and annual penetration testing. IDS and security audit logs are directed to Splunk for aggregation and alerting to a 24x7 SOC. Continuous monitoring includes monthly and quarterly evidence collection and review to ensure that security controls remain effective and in place between annual SOC 2 audits.
Incident management type Undisclosed
Incident management approach Proofpoint has a documented Incident Response Plan that includes procedures for the detection, investigation, remediation and communication of security incidents.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £22.71 to £32.51 per user per year
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Full service offering as a Proof of Concept for 2 weeks as standard at customers request
Link to free trial Provided by a Proofpoint Engineer once requirements are confirmed.

Service documents

Return to top ↑