New Check Point blades tackle applications, data loss prevention

Networking security vendor Check Point Software Technologies Ltd. has launched a new software blade and related security technologies designed to make it easier for organizations to manage and control increasingly proliferating Web 2.0 applications.

The Application Control Software Blade integrates Check Point’s UserCheck technology to shift some of the decision-making and management process from the IT staff to the end-user, allowing them to work within application usage policies tailored by the company.

When it comes to data loss, 99 per cent of incidents of unauthorized data leaving the company aren’t malicious; they’re accidental said Kellman Meghu, security engineering manager for Check Point.

“Computers are good at identifying patterns, but not an understanding content and context. Most DLP solutions today run in detect/monitor mode and they find lots of issues, but they’re impractical to run in prevent mode because it would grind business to a halt,” said Meghu. “Another challenge is IT admin exposure. Today’s DLP solutions give admins access to a lot of sensitive data to screen to decide if it’s sensitive or not.”

What’s missing from current solutions, he said, is context. A file may have been uploaded to an external server, but only so the employee could work on it from home. That may be a technical violation of policy, but it’s not a malicious incident. Since some who seriously wants to steal data will always find a way, Check Point’s solution is to take some of the burden off of the IT admin by providing checks and prompts to reduce the accidental incidents.

For example, if someone tries to e-mail sensitive data outside the company accidentally thanks to a mistake with Microsoft Outlook’s auto-complete, Check Point will prompt them if they really want to send that sensitive file to an external destination. Depending on the parameters set for that user by IT, they can either over-ride the prompt and send the message, or change their mind.

Web applications such as Facebook, and widgets within them such as Farmville, are also creating issues from IT ranging from security to simple bandwidth management and employee productivity. With the new blade, Check Point has identified some 4,500 Internet applications and over 50,000 widgets and given IT the ability to monitor usage and turn on or off usage of each one by employee or work group. Users are also prompted to identify whether they’re loading up Facebook, for example, for business or personal use.

“You can’t just block Facebook anymore, because some people need access for business. In the management console you can allow access for certain groups. For example, marketing can update Facebook but not access Farmville,” said Meghu. “Some companies don’t care who uses these applications, others don’t want any access at all.”

Follow Jeff Jedras on Twitter: @JeffJedrasCDN.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Jeff Jedras
Jeff Jedras
A veteran technology and business journalist, Jeff Jedras began his career in technology journalism in the late 1990s, covering the booming (and later busting) Ottawa technology sector for Silicon Valley North and the Ottawa Business Journal, as well as everything from municipal politics to real estate. He later covered the technology scene in Vancouver before joining IT World Canada in Toronto in 2005, covering enterprise IT for ComputerWorld Canada. He would go on to cover the channel as an assistant editor with CDN. His writing has appeared in the Vancouver Sun, the Ottawa Citizen and a wide range of industry trade publications.

Related Tech News

Featured Tech Jobs


CDN in your inbox

CDN delivers a critical analysis of the competitive landscape detailing both the challenges and opportunities facing solution providers. CDN's email newsletter details the most important news and commentary from the channel.