Check Point Harmony Mobile Introduces Malicious File Protection

The industry’s leading mobile security solution can now block the download of malicious files to mobile devices and prevent file-based cyber-attacks on organizations

By Noa Goldstein, Product Marketing Manager and Guy Lev, Harmony Mobile Product Lead.

Check Point announces the availability of the most complete cyber protection against mobile-related threats with a new version of Harmony Mobile that prevents the download of malicious files. Harmony Mobile is the first mobile threat solution among the industry’s top leading vendors to prevent the download of malicious files to mobile devices. With a staggering rise in mobile related attacks, Check Point Harmony Mobile customers can rest assured knowing that their critical business assets remain protected from even the most sophisticated attacks targeting their workforce via mobile devices. 

The release further extends Harmony Mobile with additional security capabilities including: operating system vulnerability assessment, advanced mitigation capabilities on Samsung devices, easy-to-manage HTTPS inspection, and more, to provide the industry’s best mobile security.

Join a live webinar with our security experts on June 1^st to learn more about Harmony Mobile’s new release and gain a detailed view of the file protection capability.

Register today: Americas, EMEA/APAC

Why do you need File Protection for your mobile?

In today’s hybrid workspace, employees are increasingly using their mobile devices to perform critical business tasks, share sensitive company information and access corporate applications. This new reality has expanded the mobile attack surface and made employees’ mobile devices a significant entry point for cyber attackers.

Organizations worldwide are experiencing a steep increase in mobile cyberattacks, both in quantity and in variety. According to Check Point Research, a staggering 97% of organizations have faced mobile threats from all vectors over the last two years with the rise of mobile ransomware attacks and malware-as-a-service.

One of the most overlooked vectors in mobile security is file download. Over the past weeks, Harmony Mobile has already prevented multiple attack attempts in the wild using malicious files, including botnets and phishing. According to Check Point’s ThreatCloud, out of billions of files scanned weekly, more than 0.5% contain malicious content. Files such as PDF, GIF images, and Excel sheets can all be malicious and facilitate cyberattacks on your mobile device fleet and on your organization.

Just this year we’ve seen highly sophisticated attacks using files as an attack vector including spyware using PDF and GIF files to penetrate mobile operating systems. A similar vulnerability was found by Check Point researchers on the Instagram app.

What can you do to protect your Mobile from malicious files?

Most mobile security solutions can scan files that are related to the mobile operating system, such as apps and iOS profiles, but that does not protect your mobile from other malicious file types such as executables, MS Office files, PDFs and more.

Check Point Harmony Mobile is the only mobile security solution that protects you from any type of file.

How does Harmony Mobile File Protection work?

Harmony Mobile uses ThreatCloud, the brain behind all of Check Point’s products, for scanning files. ThreatCloud combines the latest AI technology with big data threat intelligence, as well as threat intelligence collected and analyzed by Check Point’s elite research team. ThreatCloud provides the best catch rate in the industry of known and unknown threats, blocks attacks faster than anyone else and has zero false positives.

File Protection combines two features:

• File Download Prevention – Harmony Mobile scans downloaded files to the device for malicious intent using Check Point’s ThreatCloud. In case such an intent is found, the download is completely blocked, and the malicious file never reaches the device.
  Early availability tests are already proven to catch and block malicious files in the wild.

• Storage Scanning (on Android devices only) – Harmony Mobile scans all the files in the mobile storage and alerts if any malicious file is found on the device. Scanned by ThreatCloud, if a malicious file is recognized, both the user and the admin will be notified. The user will be advised to delete the file and the admin can choose to restrict the device’s access to corporate resources.

Harmony Mobile File Protection provides a never seen before connection between Check Point’s file protection capabilities and Harmony Mobile’s leading protection mechanism. Both features leverage Check Point’s Threat Emulation and Threat Extraction advanced capabilities to identify and block malicious files and are enhanced by Check Point’s ThreatCloud. These award-winning capabilities have been developed by Check Point over many years, enriched by Check Point’s vast customer database.

Further enhancements in Harmony Mobile file protection

Harmony Mobile’s file protection capabilities will be further enhanced during the year with threat emulation and threat extraction capabilities on your mobile device.

This will allow not only uploading files to Check Point’s Threat Extraction and using Check Point’s tools to identify threats, but it will also enable the user to receive a sanitized version of the file while it is being checked to provide a seamless work experience with minimal impact on productivity.

In addition, this capability will also be leveraged by Check Point Harmony App Protect, an SDK that organizations can embed in the application they develop to safeguard their customer-facing applications and their users. The hosting application will use Harmony App Protect File Protection capabilities to scan files uploaded within the app. It will detect malicious files, preventing them from accessing the organization.

Enhanced Security with Harmony Mobile Release 4.0

As part of Check Point’s continuing drive to enhance Mobile Security while simplifying Security Management, we have released a few more exciting features in this version:

Enhancing Security:

• Samsung Agent Integration
  Harmony Mobile’s device-level integration with Samsung Knox Agent provides a one-of-a-kind ability to perform a solid application vetting, using MARS and launch-prevention for work and personal profiles. The integration creates unique mitigation capabilities for any device protected by Samsung Knox and complete control over devices’ setup including prevention of malicious apps from installing and running on a device or interfering with the Harmony Mobile app activity.
  This allows security admins to meet the most severe corporate and industry requirements for security.
• OS CVE Assessment
  Mobile Operating System vulnerabilities in employees’ devices can risk your organization. This feature enables security admins to understand and remediate the vulnerabilities in the organization’s mobile fleet.  The admin can see the vulnerabilities and the devices containing them and easily set a security policy to prevent them from harming the organization

Harmony Mobile OS CVE Assessment

• • Campaign Detection
    Log analysis can be a complicated and time-consuming task. This feature allows security admins to pre-set notifications according to specific aggregation of logs that might indicate a malicious campaign against the organization, enabling a quick and effective response.

Harmony Mobile Campaign Detection Configuration

Harmony Mobile Campaign Detection on Display

Simplifying Management

• • • • Automated Certificate Deployment
        SSL/HTTPS communication is used by more than 80% of websites today.
        Installing CA certificates to enable SSL Inspection can protect your organization from risks originating from encrypted files. However, the process of installing the certificate can be complicated.
        Automated Certificate Deployment automatically distributes CA certificates to mobile devices, allowing security admins to easily give SSL Inspection capabilities to all the organization’s mobile devices, with no impact on the end-users (full zero-touch).
      • Application Categories
        From now on you can set security policies for mobile applications according to their category in the app store. You can change device risk level or restrict access to users whose mobile device contains applications from unwelcome categories or even block the app’s traffic on Android devices.

Harmony Mobile Application Categories Based Policy

Want to learn more about File Protection and other new and exciting mobile security capabilities in Harmony Mobile?

Register for the Check Point presents the Leading Malicious File Protection for Mobile webinar Americas, EMEA/APAC