Skip to main content

Beta Help us improve the Digital Marketplace - send your feedback

Brookcourt Solutions

Cloud App Security Broker (CASB) - Proofpoint

Proofpoint has the only CASB solution that meets the needs of security people serious about cloud threats, data loss prevention and time-to-value. Extends our human-centric security from Email to cloud apps. Protects users from cloud threats, safeguards sensitive data and helps you stay compliant with cloud app governance.

Features

  • Compromise account detection and deep dive analysis
  • Rules enabling a customer to automate mitigation and remediation
  • Rules for pro-active account access- bad/good networks, devices, VPNs, behaviours
  • 360 Degree cloud account data visibility, sharing, malicious file detection
  • ShadowIT visibility and control
  • Cloud Acct Data Control – sharing,up/download,user/group,geo,network, IP, Malicious-content
  • DLP enabling asset data detector/classification visibility into violation detection
  • Automation to DLP violation enabling suspend/quarantine/remove- with user notification
  • 3rd party application / OAuth control; white/black listing, revoke/remove automation

Benefits

  • Unique integration with the #1 threat vector
  • Unique account compromise remediation (O365, Gsuite) – automated with TRAP!
  • Unique 3rd party application management – detection through to remediation
  • Agentless, non-obtrusive architecture (Email + SaaS API & AAC)
  • Threat intelligence correlated across millions of Proofpoint Email touchpoints
  • Advanced adaptive access & cloud management (API/Adaptive Access Control (“AAC”)
  • Data Loss Prevention integrated directly with Email (Vis =IMS, Web,EM,SaaS)

Pricing

£73.66 a user a year

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at contact@brookcourtsolutions.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

3 3 6 2 5 7 3 1 4 2 8 6 6 6 8

Contact

Brookcourt Solutions Phil Higgins
Telephone: 01737 886111
Email: contact@brookcourtsolutions.com

Service scope

Software add-on or extension
No
Cloud deployment model
Community cloud
Service constraints
The Cloud Access Security Broker works with cloud platforms.
System requirements
  • No system requirements in API mode.
  • In PROXY(SAML) mode requires SAML compliant application
  • Supports industry leading IDAM providers.

User support

Email or online ticketing support
Email or online ticketing
Support response times
24x7x365, service response is immediate with ticket reference. Answers to questions might vary depending on the question/s however this is measured and managed under specific service response guidelines and audited yearly by both industry and customers.
Proofpoint's support program is available here: https://www.proofpoint.com/license
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
24 hours, 7 days a week
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
Via support portal, in a browser.
Web chat accessibility testing
TBCTBCTBC
Onsite support
No
Support levels
See support documentation published: https://www.proofpoint.com/license
Support available to third parties
Yes

Onboarding and offboarding

Getting started
End to end configuration provided as part of the service.
Service documentation
Yes
Documentation formats
  • PDF
  • Other
Other documentation formats
  • .doc
  • .xlsx
  • .ppt
End-of-contract data extraction
No customer data is stored by Proofpoint CASB. Configuration and user enablement data can be off-loaded / deleted by request at the end of the customer agreement.
End-of-contract process
Customer service ends, API links and/or SAML Proxy gateway is cancelled and open. Customer configuration data is deleted or stored for a year pending customer requirements.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
None.
Service interface
Yes
User support accessibility
None or don’t know
Description of service interface
Administrators can view suspicious authentication attempts, data loss prevention alerts and dashboards that provide detail into your security.
Accessibility standards
None or don’t know
Description of accessibility
Users = not relative for the type of control service CASB offers. Admins = off any standard web browser
Accessibility testing
N/A
API
Yes
What users can and can't do using the API
Full functionality via API
API documentation
Yes
API documentation formats
Other
API sandbox or test environment
No
Customisation available
Yes
Description of customisation
Via rule sets, dictionaries/detectors/smart ID's, network configuration, VAP/VIP/user/group/location/user agent/IP reputation, alerting & notifications, and more.

Scaling

Independence of resources
We load balance the services and scale based on demand 50%+.

Analytics

Service usage metrics
Yes
Metrics types
File/Folder events, Login events, Root level activity (GSuite), Site events /Sharepoint, Application events.

Resellers

Supplier type
Reseller providing extra support
Organisation whose services are being resold
Proofpoint

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Other
Other data at rest protection approach
Described in our data ownership and protection policy
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
No user/customer file data is stored by Proofpoint CASB.
Data export formats
Other
Data import formats
Other

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network
Access to the Proofpoint production environment, where services are hosted, is granted based on role via a 2FA encrypted VPN.

Availability and resilience

Guaranteed availability
Our SLA response times for open trouble tickets are based on our support services program document, which is located here: https://www.proofpoint.com/sites/default/files/pfpt-en-support-services-program-171212.pdf
Approach to resilience
The Proofpoint CASB ("PCASB") system is a cloud-native distributed platform. All data infrastructure components and runtime services are distributed and replicated across multiple fault domains, with automatic failover in case of outage. Data infrastructure components have replication and automatic failover built in, which means partial outages are remediated automatically. Runtime services are fronted by AWS ELB and auto-scaling groups, which automatically spins up new instances in case of instance failures. In case of total disaster, all data is backed up or archived to AWS S3 (encrypted, zero-trust access by default) and can be restored in another datacentre. All the underlying data stores used by PCASB are distributed, support native replication, and have automatic failover. All runtime services are deployed with multiple instances and self-healing/scaling capabilities. Web endpoints are exposed though Amazon’s ELB service, which provides HA guarantees. Internally, PCASB relies on an asynchronous message passing architecture, which limits the effects of local runtime failures and provides resiliency and continuity.
Outage reporting
The Proofpoint CASB ("PCASB") system is a cloud-native distributed platform. All data infrastructure components and runtime services are distributed and replicated across multiple fault domains, with automatic failover in case of outage. Data infrastructure components have replication and automatic failover built in, which means partial outages are remediated automatically. Runtime services are fronted by AWS ELB and auto-scaling groups, which automatically spins up new instances in case of instance failures. In case of total disaster, all data is backed up or archived to AWS S3 (encrypted, zero-trust access by default) and can be restored in another datacentre. All the underlying data stores used by PCASB are distributed, support native replication, and have automatic failover. All runtime services are deployed with multiple instances and self-healing/scaling capabilities. Web endpoints are exposed though Amazon’s ELB service, which provides HA guarantees. Internally, PCASB relies on an asynchronous message passing architecture, which limits the effects of local runtime failures and provides resiliency and continuity.

Identity and authentication

User authentication needed
Yes
User authentication
2-factor authentication
Access restrictions in management interfaces and support channels
CASB works with industry leading Single Sign on and Multi-factor authentication technologies.
Access restriction testing frequency
At least once a year
Management access authentication
2-factor authentication

Audit information for users

Access to user activity audit information
No audit information available
Access to supplier activity audit information
No audit information available
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
No
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
Proofpoint's information security program is aligned with the requirements of NIST 800-53 and ISO 27001. However, we are not certified to the ISO 27001 standard.
Information security policies and processes
Proofpoint's information security program is aligned with the requirements of NIST 800-53 and ISO 27001. However, we are not certified to the ISO 27001 standard.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Proofpoint has a documented change management policy that includes requirements around documented change tickets and review and approval by the Change Review Board.
Vulnerability management type
Undisclosed
Vulnerability management approach
Proofpoint performs internal and external vulnerability scanning and remediates applicable findings in line with the Proofpoint patch management policy.
Protective monitoring type
Undisclosed
Protective monitoring approach
Proofpoint has distributed monitoring in place for availability, performance, capacity and security. Alerts are directed to a 24x7 NOC or SOC for review, remediation and/or escalation.
Incident management type
Undisclosed
Incident management approach
Proofpoint has a documented Incident Response Plan that includes procedures to detect, investigate, remediate and communicate security incidents. A trained IRT team is responsible for the maintenance of the program.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Covid-19 recovery
  • Equal opportunity
  • Wellbeing

Covid-19 recovery

As Proofpoint has grown, so have our programs continued to evolve to meet our colleagues’ needs, which we believe is essential to attract and retain employees of the highest caliber. We regularly and frequently communicate with and listen to our employees through small group surveys, interactive forums and townhalls, emails and online resources, to then iterate our processes and programs to improve the employee experience. For example, at our weekly townhall meetings, our CEO and other members of the executive team engage our global workforce with updates on the COVID-19 pandemic, our ongoing business operations, and other topics of interest.

Over the past year the employee experience has changed. They have encountered, observed and felt a transition from our traditional programs to virtual offerings that employees and their families can participate in, balancing a mix of live and on-demand activity. These online programs include educational classes taught by our fellow colleagues, mental health courses (mindfulness, resilience, meditation), cooking classes, financial well-being support, and “Vacation at Home” ideas. We realized that many of our parents sometimes need a little additional support, and because of this, Proofpoint created programming for Proofpoint kids, which included week-long STEAM camps during the summer, and offered ongoing story time, trivia games, art and dance, writing and oral presentation classes.

We launched in the summer of 2020, ProofpointEDU, a series of classes for Proofpoint kids taught by Proofpoint employees including topics like math, science, history, and cybersecurity for kids ages 5-15. Further, we introduced virtual team building programs such as trivia, bingo, escape rooms, and other group activities, all done via Zoom. Our Mindfulness program included music concerts, meditation, and resilience training.

In recognition of what we created for our employees, in July 2020, Proofpoint won the Espresa Innovation and Excellence Award for Culture Benefits.

Equal opportunity

We embrace and foster the diversity of our team members, customers, stakeholders and consumers. Everyone is valued and appreciated for their unique backgrounds, experiences, thoughts and talents, all of which contributes to the growth and sustainability of our business. We strive to cultivate a culture and vision that supports and enhances the Company’s ability to recruit, develop and retain diverse talent at every level. As a global and distributed workforce, we recognize and celebrate our team members, their varied backgrounds and cultures. Our career development opportunities are designed to foster inclusivity through ongoing career conversations that actively advance and develop people of all backgrounds.

We believe that diversity, inclusion, and opportunity is a journey and we are committed to building a diverse and inclusive company and society for our employees, customers, partners, and shareholders. In order to create a more diverse and inclusive work environment, we provide education, training and tools so that all employees can become aware of bias, how it exists and how to mitigate it. As we continue to shape our work environment and world-class organization to be more inclusive and inviting, we are actively striving to build an extensive pipeline of talent through various programs. Our internal programs enable and empower our hiring managers to identify alternative and emerging talent pools and to create an inclusive candidate experience.

Wellbeing

Together with our employees we are building a secure future, and it starts with securing our most important asset—our people. Our commitment to wellbeing is built on a foundation of helping employees get access to great programs and resources for maintaining their health. We offer global programs that provide and enhance a healthy, balanced lifestyle. Our localized benefits keep both the individual and family in mind, so our employees can take full advantage of what matters most to them, for where they are in life. We offer employer-paid life, disability and employee assistance programs. We also offer global programs for our employees’ physical, mental and financial health.

Since the COVID-19 pandemic was declared in early 2020 and our employees began working from home, we quickly transitioned to virtual offerings that employees and their families can participate in. These online programs include educational classes taught by our fellow colleagues, mental health courses (mindfulness, resilience, meditation), cooking classes, financial wellbeing support, and “Vacation at Home” ideas. Realizing that many of our parents sometimes need a little additional support, Proofpoint created a series for Proofpoint kids, which included week-long STEAM (Science, Technology, Engineering, Art and Math) camps during the summer, and offers ongoing story time, trivia games, art and dance classes. Also launched in the summer was ProofpointEDU, a series of classes for Proofpoint kids taught by Proofpoint employees including topics like math, science, history, and cybersecurity for kids ages 5-15. All of our programs are a balanced mix of live and on-demand activity.

Pricing

Price
£73.66 a user a year
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
Full service offering as a Proof of Concept for 2 weeks as standard at customers request
Link to free trial
Requested with Brookcourt Solutions

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at contact@brookcourtsolutions.com. Tell them what format you need. It will help if you say what assistive technology you use.