Pentesec Ltd

Check Point Sandblast Mobile

SandBlast Mobile provides a powerful and continuous level of security across an organisations mobile device real-estate. The solution provides an always-on, always up-to-date protection for your smartphone and tablet users against known and unknown threats against both mobile devices and data upon these devices before any damage can be caused.

Features

  • Smartphone Protection
  • Protect against Malware Infected Apps
  • Protect against Operating System Exploits
  • Prevent data loss from mobile devices.
  • Mobile Threat Prevention
  • Prevent Man in the Middle Attacks on Compromised Wi-Fi
  • Full Threat Visibility of Mobiles across organisation.
  • Unified Management with rest of security network.
  • Event Logging and Reporting
  • Part of Check Point Infinity Offering

Benefits

  • Cloud Behavioural Risk Engine determines risk level and appropriate response
  • Advanced app analysis to check if installed Apps are malicious
  • Supported on tablets and smartphones running both Android and iOS
  • Events logs available for online analysis, & SEIM integration
  • Cloud based management portal with detailed reporting
  • Clear user alerts with remediation recommendations
  • MDM integration for seamless deployments and management of compromised devices
  • Preserve UX and privacy, whilst meeting organizational or regulatory mandates
  • No additional hardware or software installation required
  • Proactive device lock down when threats are detected

Pricing

£1.44 to £3 per device per month

Service documents

G-Cloud 10

954702852286423

Pentesec Ltd

Richard Bass

01733 889406

richard.bass@pentesec.com

Service scope

Service scope
Service constraints Can be deployed on any iOS / Android device and integrates with many services such as MDMs, MAMs, NACs and SIEMs.

Not compatible with Windows Phones.
System requirements
  • IOS
  • Android

User support

User support
Email or online ticketing support Email or online ticketing
Support response times In Hours SLA: P1 - 30 Minutes P2 - 60 Minutes P3 - 180 Minutes P4 - 1

Business Day Out of Hours SLA: P1 - 60 Minutes P2 - 120 Minutes
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels All customers receive a dedicated account manager responsible for balancing their communications with our technical team.

Support can be provided in office hours which are 8am to 6pm Monday to Friday as 'Standard' and we provide 'Premium' support 24/7.

Pricing is dependent on the number of licences, and level of support required.

Support tickets are assigned to a technical expert who is responsible for managing that specific case.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Upon sign up, Pentesec Request a Technical Point of Contact list of any authorised personnel who can log, access and change tickets on your organisation's behalf.

Those users are then sent credentials, instructions and log in tokens to enable them to utilise our support service.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Once the contract comes to an end, all data collated will be returned in a pre-agreed format.
End-of-contract process Service will cease at the end of the contract term. All customer data will be returned in a pre-agreed format on request.

Using the service

Using the service
Web browser interface Yes
Using the web interface An account manager will on board new customers and assign them access to the Pentesec web portal. There you can track tickets, log calls, request call backs and access our services.
Web interface accessibility standard None or don’t know
How the web interface is accessible The Pentesec Portal is accessible via web browser.
Web interface accessibility testing The foundation framework that our portal is built within has accessibility features for assistive technology users.
API No
Command line interface No

Scaling

Scaling
Scaling available Yes
Scaling type
  • Automatic
  • Manual
Independence of resources Check Point have data centres worldwide and strives to provide service uptime that is equal or greater than 99.99% calculated per calendar month.
Usage notifications Yes
Usage reporting Other

Analytics

Analytics
Infrastructure or application metrics Yes
Metrics types Other
Other metrics
  • Support Requests
  • SLA Response
Reporting types Reports on request

Resellers

Resellers
Supplier type Reseller providing extra features and support
Organisation whose services are being resold Check Point

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Supplier-defined controls
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest Other
Other data at rest protection approach TBC
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
Equipment disposal approach In-house destruction process

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • Redundant systems and networks are deployed across servicing components
  • Load balancing ensures service availability in case of component failure
  • Policy, users, logs and configurations are stored in redundant locations.
Backup controls These backup options are provided by Check Point in the back end of their service and cannot be controlled.

DRP: In case of data center failure, automatic failover is deployed to an alternate data center. (Note: Selecting a specific data center (for example, in EU) will cause the loss of data center failover functionality.)

Check Point enforces internal policies to control the retention of backup data. All data is backed up at each data centre, on a rotating schedule of incremental and full backups.
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Supplier controls the whole backup schedule
Backup recovery Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability Support response times

In Hours SLA: P1 - 30 Minutes P2 - 60 Minutes P3 - 180 Minutes P4 - 1 Business Day

Out of Hours SLA: P1 - 60 Minutes P2 - 120 Minutes

Escalation path to Check Point available, with 24/7 response.
Approach to resilience This Information is available on request.
Outage reporting Email Alerts

Identity and authentication

Identity and authentication
User authentication
  • 2-factor authentication
  • Username or password
  • Other
Other user authentication Users can only be added and removed to the support portal by an authorised technical point of contact.
Access restrictions in management interfaces and support channels If users are not authorised technical points of contact then they cannot access support channels.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password
Devices users manage the service through Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Our information security governance manual is available upon request.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Configuration and Change Management processes are in place with formal management responsibilities and procedures assigned to ensure appropriate change control. Changes are logged for audit and all relevant information is retained.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Vulnerability scanning of our support platform is performed using industry leading services. Processes are in place to ensure that patching and remedial actions are taken in a regimented and consistent fashion to limit the business impact of newly discovered vulnerabilities.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Our Protective Monitoring Approach conforms with ISO27001 Standards for logging and monitoring our services, and how to identify, handle and respond to incidents quickly.
Incident management type Supplier-defined controls
Incident management approach Our Incident Management Approach conforms with ISO27001 Standards.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart No

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes

Pricing

Pricing
Price £1.44 to £3 per device per month
Discount for educational organisations Yes
Free trial available Yes
Description of free trial A Free trial can be obtained for Up to 50 users can get up to a 30 day trial, to test operational scope of the service. Please contact Pentesec for licencing.
Link to free trial Mailto:enquiries@pentesec.com

Documents

Documents
Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑