Skip to main content

Help us improve the Digital Marketplace - send your feedback

Intercity Technology Limited

Managed Check Point Harmony

Managed Check Point Harmony delivers unified cybersecurity solutions. It protects endpoints, networks, and cloud environments with advanced threat prevention. Centralised management ensures visibility and control, seamlessly integrating with existing infrastructure, enhancing security posture and compliance. Ideal for businesses seeking comprehensive, cloud-managed cybersecurity solutions.

Features

  • Anti-bot blocking contact with known Command & Control addresses
  • Anti-malware - protecting against known threats
  • Anti-phishing with zero-phishing blocks known phishing attacks and credentials reuse
  • Application control - preventing inappropriate network access attempts
  • Compliance for endpoints - denying resource access to non-compliant endpoints
  • Forensics - providing detailed cyber kill-chain analysis
  • Mobile app protection - behavioural analysis blocking malicious apps
  • Safe browsing - blocking mobile browser access to malicious sites
  • Threat emulation - for analysing email attachments

Benefits

  • Protect against Ransomware
  • Minimal management overhead
  • Prevent malicious apps from executing on user mobiles
  • Stop applications from obtaining unauthorised access
  • Ensure endpoint compliance, denying access to non-compliant endpoints
  • Enable user access only to allowed applications
  • Prevent zombie devices from communicating with C&C devices
  • Protect data at rest with encryption
  • Leverage the world's largest cyber threat database
  • Intercity is a Check Point Professional Partner providing in-depth experience

Pricing

£17.64 to £47.76 a device a year

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@intercity.technology. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

2 5 7 3 1 6 3 5 9 0 4 3 9 7 4

Contact

Intercity Technology Limited Elise Sheridon
Telephone: 0330 332 7933
Email: tenders@intercity.technology

Service scope

Service constraints
None
System requirements
  • Specific software licences for PCs/Macs
  • Specific software licences for Android smartphones / iPhones
  • Specific software licences for users

User support

Email or online ticketing support
Email or online ticketing
Support response times
End of next working day, where working days are defined by the service level (support days, support hours) selected.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Support level depends on support hours required by the customer and the device dependency / service outage impact assigned by the customer to each device.

Support hours options:
- Mon-Fri 08:00-19:00
- Mon-Fri 19:00-08:00
- 7 days 08:00-19:00
- Fri-Mon 19:00-17:00
- 7 days, 24/7

Device dependency / Service outage impact (response, resolution time) options:
- Low P5 - Basic (next day, n/a)
- Low-Med P4 - Essential (4 hours, next working day)
- Med P3 - Standard (30 minutes, 24 hours)
- Med-High P2 - Enterprise (15 minutes, 8 hours)
- High P1 - Elite (6 minutes, 4 hours)

Cost depends on the options selected.

We provide a cloud engineer where required to resolve an incident.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We deploy the service onto users' devices, mobiles, and browsers. As it uses single sign-on, typically with Azure AD, no training is required.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Users can request an archive of data when they terminate their contact.
End-of-contract process
* Check Point Harmony is a yearly Software as a Service application.
* The software is turned off and access prohibited.
* The customer's account is removed from Intercity's Infinity portal, and all customer data deleted.
* Customer users are responsible for uninstalling clients and agents from their devices and applications.

Using the service

Web browser interface
No
API
No
Command line interface
No

Scaling

Scaling available
No
Independence of resources
Check Point Hamony uses the Check Point Threat Emulation sandbox, ThreatCloud intelligence database and ThreatSpect botnet and outbreak database. These are managed by Check Point, delivered from public cloud, so Check Point is responsible for ensuring that users are not affected by other users' demand placed on these services.
Usage notifications
Yes
Usage reporting
Email

Analytics

Infrastructure or application metrics
Yes
Metrics types
Number of active instances
Reporting types
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Check Point cloud services

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Backup and recovery

Backup and recovery
No

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Infinity (management portal) - 99.99%
ThreatCloud (threat intelligence database) - 99.99%
ThreatSpect (botnet and outbreak database) - 99.99%
Approach to resilience
Available on request.
Outage reporting
Service management portal. We will alert users via email of any outages.

Identity and authentication

User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
Harmony Connect integration:
* Best practice - integration with the customer's identity provider which implements SAML, including Microsoft Active Directory Federation Services and Azure AD
* Alternatively - email invitation to the user containing temporary password
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password
Devices users manage the service through
Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

Access to user activity audit information
Users receive audit information on a regular basis
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users receive audit information on a regular basis
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Alcumus
ISO/IEC 27001 accreditation date
20/09/2010
What the ISO/IEC 27001 doesn’t cover
Cloud services provided by Check Point:
* Harmony Connect cloud
* Threat Emulation (cloud-based sandbox)
* ThreatCloud (threat intelligence database)
* ThreatSpect (botnet and outbreak database)
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
ISO 27001 and Cyber Essentials Plus

Within our Finance, Commercial and Quality shared services team, our Compliance Manager is head of the Quality function, reporting into our CFO. Within our Chief Operations Office, our Security, IT and Product Director reports into our Chief Operations Officer. Our CFO and COO report into our Group MD, who reports into our CEO.

Joiners are taken through an induction process, which includes introducing them to the infosec policies and processes relevant to their role.

Our Continuous Personal Development program applies to all staff, providing mandatory eLearning and trainer-led courses, including infosec.

We use a proactive anti-phishing application to monitor staff awareness of and adherence to a disciplined approach to email and browser usage.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
System log in the service management platform
Vulnerability management type
Undisclosed
Vulnerability management approach
Supplier defined process
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Supplier defined process
Incident management type
Undisclosed
Incident management approach
Users report incidents via email or phone. Intercity report faults via email

Secure development

Approach to secure software development best practice
Supplier-defined process

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
No

Energy efficiency

Energy-efficient datacentres
No

Social Value

Social Value

Social Value

Fighting climate change

Fighting climate change

We are committed to reducing our environmental impact and continually improving our environmental performance as an integral and fundamental part of our business strategy and operating methods.

Our policy is to:

• Support and comply with or exceed the requirements of current environmental legislation and codes of practice.
• Minimise our waste and reuse or recycle as much of it as possible.
• Minimise energy and water usage in our buildings, vehicles, and processes to conserve supplies, and minimise our consumption of natural resources, especially where they are non-renewable.
• Apply the principles of continuous improvement in respect of air, water, noise, and light pollution from our premises and reduce any impacts from our operations on the environment and local community.
• As far as possible purchase products and services that do the least damage to the environment and encourage others to do the same.
• Assess the environmental impact of any new processes or products we intend to introduce in advance.

We’re certified to ISO140001:2015 and a member of two Corporate Social Responsibility (CSR) initiatives - Global Compact and Eco Vadis.

• The EcoVadis sustainability assessment methodology evaluates how well a company has integrated the principles of Sustainability/CSR into their business and management system.
• The methodology is built on international sustainability standards, including the Global Reporting Initiative, the United Nations Global Compact, and the ISO 26000, covering 200 spend categories and 160+ countries.
• The Sustainability Scorecard illustrates performance across 21 indicators in four themes: Environment, Labour and Human Rights, Ethics, and Sustainable Procurement.
• Intercity Technology’s current EcoVadis score for 2022 – 2023 is 81% (up from 68% in previous years).
• We have been awarded by EcoVadis a platinum medal in recognition of our sustainability achievement for our score which is in the top 1%.

Pricing

Price
£17.64 to £47.76 a device a year
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
* Proof of value
* Harmony Endpoint Advanced
* Up to 5 user devices
* 30 days

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@intercity.technology. Tell them what format you need. It will help if you say what assistive technology you use.