SEP2 LIMITED

Check Point Harmony Email and Collaboration

Provides organizations with complete full-suite protection providing security admins with an easy-to-deploy and manage platform, block sophisticated social engineering attacks such as impersonation, zero-day phishing and Business Email Compromise. Using AI-trained engines. Securing inbound, outbound, and internal emails from phishing attacks inspects the communication’s metadata, attachments, links and language

Features

• Detects malware, ransomware, east west attacks preventing malicious data loss
• Threat emulation evasion resistant CPU level sandbox
• Proactive Threat Extraction, cleans files and eliminates potential threats
• Threat Extraction eliminates unacceptable delays created by traditional threat emulation
• The industry’s only fully integrated document and image sanitization solution
• Protect sensitive data and maintain regulatory compliance with advanced DLP
• Prevent advanced account takeover attacks by augmenting authentication processes
• Uses patent-pending technology to prevent unauthorized users and compromised devices
• Harmony Email & Collaboration intercepts attackers using machine learning algorithms
• Inline API-based protection for inbound, outbound and internal email communication

Benefits

• Recognized by the NSS Labs most effective in breach-prevention
• Complete-Protection: Secure all lines of communication,from email-to-collaboration
• Delivers safe file version to users in under two-seconds
• Installs within-minutes,starts catching malicious activity immediately
• Enables you to enforce a data-leakage policy based on requirements
• Detects sensitive data sharing via email and collaboration-apps
• Proven Malware catch rate (99.91%) by the NSS labs
• A single license for both email and productivity apps
• Secures major file-sharing services,Google-Drive,SharePoint,OneDrive, Sharepoint, Box, Dropbox
• Adds security layers to collaboration apps like Slack and MicrosoftTeams

£36 a user a year

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@sep2.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

588002837824895

Contact

sep2 sales team
03300437372
sales@sep2.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: If in the event that any maintance window will impact the service you will be notified before the planned work.
• System requirements:
  • Supports Office 365, email, Sharepoint and OneDrive
  • Supports Google Workspace, Drive and Gmail
  • Supports Microsft Teams
  • Supports Slack
  • Supports Box
  • Supports Dropbox
  • Supports Citrix Sharefile

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: "Severity 1: Response time 30 minutes. Check Point and Customer commit necessary resources around clock for Resolution, workaround or reduce severity of issue. ; Severity 2: Response time 2 hours. Check Point and Customer commit full-time resources during normal business hours for Resolution, workaround or reduce severity of issue and alternative resources during non-Standard Business Hours.; Severity 3: Response time 4 hours. Check Point and Customer commit full-time resources during normal business hours for Resolution, workaround or reduce severity of issue. ; Severity 4: Response time 4 hours. Check Point and Customer provide resources during normal business hours for Resolution. "
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Our service is B2B and currently is not tested according to EN 301 549 accessibility standards.
• Web chat accessibility testing: Our service is B2B and currently is not tested according to EN 301 549 accessibility standards.
• Onsite support: No
• Support levels: "Type; Collaborative Enterprise Support: local partner experts backed by Check Point. ; Direct Enterprise Support: direct support from the Check Point experts.; ; Levels; Standard - 5 x 9 Business Day, get advanced access to our large, self-service knowledge base and a committed 30-minute response time to issues with level one severity.; Premium – 7 x 24 Every Day, enjoy all the benefits of Standard Collaborative Support, plus real-time 24×7 Global support.; Elite – 7 x 24 Every Day, receive comprehensive support plus the possibility of having an engineer on-site for critical SW issues.; Diamond – 7 x 24 Every Day, extend your Premium/Elite Support with personalised support, in-depth resources and consulting.; ; PRO - optional support add-on. When a severe issue is detected, a Check Point PRO expert proactively contacts you to help resolve the issue and prevent service downtime. Check Point PRO also provides you with a comprehensive report, delivering an overview of your overall security, diagnostics and actionable insights.; ; Please speak with your chosen partner to discuss your support requirements and get the level your organisations needs."
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: "A simple and documented onboarding process is avaialble for all services via the Check Point Infinity Portal. Individual Admin guides are available for each service giving details on getting started and configuration. In addition, Check Point offers a variety of other resources to educate users on their solutions such as online knowledge base, on-demand webinars, product videos and online training.; ; At additional cost, Professional Services experts can help with the planning, design, implementation, optimisation and service handover."
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: The service does not hold customer data only security configuration and log data to generate reports on the service functionality. Report information can be exported from the service web interface in order to archive the information.
• End-of-contract process: Unless the contract is renewed, functionality of the service (as described in the service features section) will cease on the day of expiration. The service will remain accessible. If the service is not renewed after 90 days of expiry the service will be terminated and all configuration deleted.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: The service is accessed via the Check Point Infinity Portal. This web-based platform delivers all the security capabilities of the Check Point Infinity consolidated architecture. With a single account, organizations can secure and manage their entire IT infrastructure – networks, cloud, IoT, endpoints and mobile – from one console, according to the services they subscribe to. The Portal provides consistent security with unified protections and management in one place and full visibility into threat posture.
• Accessibility standards: None or don’t know
• Description of accessibility: Our service is B2B and currently is not tested according to EN 301 549 accessibility standards.
• Accessibility testing: Our service is B2B and currently is not tested according to EN 301 549 accessibility standards.
• API: Yes
• What users can and can't do using the API: "There are numerous options when using the API to manage and investigate security events, here are a few of the options and a link to the Check Point API help page. This outlines all of the API's for Checkpoint applications. ; ; https://sc1.checkpoint.com/documents/latest/api_reference/index.html ; ; Examples ; ; Managing security events ; URI - GET; To use this endpoint, send a GET request to receive a specific security event by its Harmony Email & Collaboration ID: /event/{eventId. ; ; Search for a security event ; URI - POST ; To use this endpoint, send a POST request to retrieve a specific security event or multiple events by flexible query criteria: /event/query ; ; Single security event; URI - POST; To use this endpoint, send a POST request to perform a single action on a specific security event or multiple events (a single action is supported per multiple events): /action/entity ; ; Managing Secured Entities; URI - GET; If you have a single entity ID, you can extract all entity details and related details in a single API call: /search/entity/{entityId} ; ; Single security event; URI - POST; To use this endpoint, send a POST request to perform a single action on a specific security event or multiple events (a single action is supported per multiple events): /action/event
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: No
• Customisation available: No

Scaling

• Independence of resources: The service is built on public cloud infrastructure and scales automatically to accommodate new users. Each service account is provisioned as a separate tenancy with no interaction between tenancies.

Analytics

• Service usage metrics: Yes
• Metrics types: Metrics are available
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Check Point Software Technologies Ltd

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: The service does not hold customer data only security configuration and log data to generate reports on the service functionality. Report information can be exported from the service web interface in order to archive the information.
• Data export formats: Other
• Other data export formats: PDF
• Data import formats: Other
• Other data import formats: None. The service does not hold data.

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: "Availability and how it is calculated can be found in the Terms of Service – Cloud Services; Infinity Portal Cloud End-user License Agreement. If the Monthly Service Availability or the Monthly Service Latency of the applicable Service during a calendar month is below the thresholds specified, You may request Check Point to extend Your current Service Term by additional days (“Service Credits”) at no extra charge according to the thresholds outlined in the agreement, subject to a maximum of 1 month of Service Credits per year of Service.; ; Full details on Service Availability, Service Latency and Service Credits can be found in section ""4. Service Level"" of the Terms of Service – Cloud Services; Infinity Portal Cloud End-user License Agreement found here: https://www.checkpoint.com/about-us/cloud-terms/"
• Approach to resilience: "Service Availability Controls; - Redundant systems and networks are deployed across servicing components.; - Load balancing ensures service availability in case of component failure.; - DRP: In case of data center failure, automatic failover is deployed to an alternate data center. (Note: Selecting a specific data center (for example, in EU) will cause the loss of data center failover functionality.); - The customer account: policy, users, logs and configurations are stored in redundant locations.; - Check Point enforces internal policies to control the retention of backup data. All data is backed up at each data center, on a rotating schedule of incremental and full backups."
• Outage reporting: The current and historical status of all Check Point services is available at https://status.checkpoint.com/. This page can be accessed directly and also from within the service portal. The page shows status, uptime, historical data, incidents and any relevant post-incident reports. From this page users can also subscribe to receive updates via any of the following methods: email, SMS text message, Slack message, RSS feed.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: The service uses role-based administration to restrict access for authorised administrators. There are two types of admin roles, Global roles (which apply to the Infinity Portal platform and to all the services in the Infinity Portal.) and Specific Service roles (which apply only to a specific service. The specific service roles are in addition to the global roles and do not override them.)
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: "Standards Institution of Israel https://www.sii.org.il/en/"
• ISO/IEC 27001 accreditation date: 01/03/2022
• What the ISO/IEC 27001 doesn’t cover: Harmony Connect, Harmony Browse, Harmony Email and Collaboration, Smart-1 Cloud, Infinity SOC are all in progress (we have a letter of proof).
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • SOC 2 Type 2 for 2021
  • SOC 2 Type 2 in progress proof for 2022
  • ISO 27001-27017 in progress proof for 2022
  • ISO 27001-27018 in progress proof for 2022
  • ISO 27001-27036 in progress proof for 2022
  • CloudGuard PCI-DSS Level 1 Service Provider 2021-2022
  • Lapsed Cyber Essentials and Cyber Essentials plus accreditation (currently recertifying)

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Check Point has an information security process in place to protect customer confidential information against accidental loss or misuse, in conformance with applicable laws and industry standards. Our security framework is based on internal security policy standard, which is very strict. The scope of our company’s security policies and standards cover critical business aspects (e.g. application development, data center services, cloud security, physical security, change management process, etc.). All employees are trained in information security policies, standards and procedures, security requirements, business controls and in the use of IT facilities. Self-audits are being done on a regular basis and corrective actions are taken when needed. Additionally, Check Point’s security policies and standards are reviewed on regular basis, 2-4 independent reviews are conducted on specific areas (i.e. source code review, SOX audit, etc.).

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: "SOC 2 Compliance.; ; Change requests are documented within the Change Management tool. The request is reviewed and approved by the Director of Operations. Emergency changes are performed and updated as part of hot fixes, which follow the same process as described above though the time frame may be shortened, and approvals may be provided after the change was already performed. Key Check Point personnel are notified of cases of test failures. Every test failure is documented in the change management tool and sent to the relevant personal in the Project manager."
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: "CheckPoint performs monthly vulnerability scans and employs a centrally managed configuration management system, including infrastructure-as-code systems through which predefined configurations are enforced on its servers, as well as the desired patch levels of the various software components.; There is an internal procedure that defines the Patch management process and employees are trained in the corporate security policy.; In addition to the ongoing patch management processes, CheckPoint performs security monitoring from three main channels:; 1. Internal Security Research (vulnerability scanners, penetration test, company’s Incident response team and researchers, etc.); 2. External sources (threat intelligence, US-CERT, publications,vendors updates, etc.); 3. Anonymous notifications"
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: "Check Point monitors the production environment with several tool such as grafana ,sumologic and implements a continuous monitoring strategy.; Check Point plans to mandate ongoing security control assessments to be completed in accordance with the FedRAMP continuous monitoring strategy and respond to security related vulnerabilities and issues generated by security assessment and monitoring activities by either fixing, remediating or implementing mitigating controls to reduce the overall risk.; The Check Point CISO team plans to use information obtained from continuous monitoring and ongoing assessments of Check Point for FedRAMP reports the security state of the system via vulnerability scan results"
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: In the event of a security incident, Check Point’s security team is responsible for investigating and responding. Check Point has clear risk and damage assessment procedures to define the SLA required to solve any security incident. Check Point’s Information Security Manager, and other managers, will coordinate security response including containment, investigation, infrastructure securing, reporting, closure and follow up. Check Point will respond using the appropriate management and technical resources in order to promptly restore operations impacted by any incident. Check Point will adhere to applicable laws and industry standards in this process, including following any required notifications.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  SEP2 have a published Carbon Reduction Plan, available at https://www.sep2.co.uk/carbon-reduction-plan/. As per the information within that plan, SEP2 are committed to achieving Net Zero by 2035. SEP2 already have a number of initiatives in place to help manage our carbon footprint, including: • During 2020, SEP2 fleet vehicles were changed to be 100% Batter Eclectic Vehicles (BEV), and any and all additions to the SEP2 fleet will continue to be full 100% BEV. • SEP2 are a member of Cycle2Work scheme and encourage employees to reduce their emissions through cycling to work. • SEP2 provide re-usable bottles and cups for all employees and do not allow single use paper or plastic cups in the offices. • Hybrid home working is common across SEP2 to reduce commute emissions and direct Scope 2 GHG emissions. Future considerations in support of our plans to be Net Zero by 2035, the following future initiatives are being discussed within the SEP2 Senior Leadership Team • Electric car salary sacrifice scheme for employees who do not have a fleet vehicle • Projects to increase management of Scope 2 emissions through use of PIR/non-occupancy timers and other such technology within our office space • Review of company travel policy to better understand carbon emissions within Scope 3 that can be managed in this way • Review of our Scope 3 emissions within our supply chain to better understand our abilities to manage these with our suppliers By the end of 2024 SEP2 aim to have an established Environmental, Social and Governance committee which will have produced a report capturing the current initiatives that are in place within SEP2 to manage such considerations, as well as capturing a 12, 36 and 60 month plans detailing future initiatives in aim of meeting our NetZero by 2035 stated mission.

  Tackling economic inequality

  During one of the topical discussions in the Women in SEP2 group, Maya wanted to explore the reasons why, during recent recruitment for the SEP2 Central Response Team, only 7% of applications were Women. Maya said: “We considered the full route into Cyber Security, where does the interest begin? And how can we create opportunities? We decided it made sense to start with younger kids, getting them interested at an early age and showing them how exciting Cyber Security can be! We expanded this to not only girls and women, but to other minority groups who exist in schools and may not have the same level of access into a career in tech”. The outcome of this was the development of the SEP2 Cyber Schools initiative. SEP2 partnered with and invited local high schools within the Leeds area to come into the SEP2 offices and SOC and to participate in a day of activities to help educate students as to the potential career opportunities within the Cyber Security industry. Key goals of the event was to show the attendees of SEP2 Cyber Security School one of three distinctive areas of our business, as a good general starting point: 1. Attack (White hat, of course) 2. Defend 3. Analysis By providing a sample session on each focus area, we hope to encourage our students to be able to help identify their areas of interest and start to ask practical questions on how they can advance their learning to get one step ahead of their competition as they try to get their first foot through the door. We also held group presentations covering an overview of the industry as well as more practical sessions led by our People Manager who specialises in Learning and Development on topics such as CV writing.

  Equal opportunity

  SEP2 is a Medium Sized business, having between 50 and 250 employees. SEP2 is owned by three individuals, and a core commitment from the owners is shared and social responsibility. Within SEP2, there is a Share Ownership Scheme which over the past years and with future considerations included will see over 10% of the ownership of SEP2 be owned by our employees at all levels and across all teams. This is delivered primarily through a EMI incentive platform where employees are given actual shares, not share options as part of their ongoing development with SEP2. SEP2 have an award-winning Apprenticeship programme that spans a number of our different teams. Within the last 3 years we have had 20 apprentices join and go through this programme. Of the total, 8 are still within the programme and 8 have graduated into full roles within SEP2. Women in SEP2 is a community that fosters empowerment and collaboration. We aim to create a supportive and safe space for the Women in our business; a place where ideas can be shared, achievements celebrated, and advice sought from other Women in Tech. Each session is based around a 'Ponder Point', that we collectively think about before the session and come together to discuss. Anyone in the group can suggest a ponder point, some of the previous ones being Imposter Syndrome, Being Assertive Without Being Seen as a B*tch, and the underrepresentation of Women in Tech. Maya Lea-Langton, Cyber Security Analyst, has found a lot of value in joining these meetings. They said, “These sessions are also valuable for being a space to get to know people you may be unlikely to meet day-to-day due to remote working or being in different departments. Being able to have fun and thought-provoking discussions makes asking for help easier.”

  Wellbeing

  SEP2 pay the Living Wage to all employees SEP2 offer a number of benefits to our employees including being a member of the Cycle2Work Scheme to allow for employees to access bikes and cycling equipment without initial upfront expenditure. SEP2 are also a member of the TechScheme, which is a similar initiative allowing employees to purchase technology from places such as Currys via a salary sacrifice scheme. In addition, in 2022 to assist our employees with the cost of living crisis, SEP2 partnered with Sodexo to offer an employee benefit portal (SEP2 Rewards) that brings a huge number of options to our employees such as 3-10% savings on day to day shopping at locations such as Asda, Tesco etc, as well as benefits for the wider family such as discounted cinema tickets, bowling tickets etc. This is all available via an easy to use app and has enabled many of our employees to make significant savings across their daily spend. SEP2 provides our employees access to an Employee Assistance Program (EAP). The EAP provides; • Freephone advice, information and counselling service • 24 hours a day, 365 days of the year • Online information regarding health, fitness, nutrition and stress management resources SEP2 recognises the importance of employee wellbeing and seek to support this via Medicash, a healthcare cashback scheme which is delivered within our EAP program. With this benefit our employees are able to claim back their medical outgoings to a specific amount plus giving them numerous other services and products. Medicash can be extended to employee spouses and up to 4 children under the age of 18 who will receive half of the outlined monetary benefits.Medicash is available for all SEP2 employees and all new joiners will be auto enrolled onto the scheme

Pricing

• Price: £36 a user a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Free trial includes all functionality as described in the service functionality for a limited time period of 30 days for up to 500 seats.
• Link to free trial: Please contact your chosen partner to discuss beginning a free trial.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@sep2.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.