shutterstock_391493764Samsung Research America researches and builds new core technologies to enhance the competitive edge of Samsung products. Headquartered in Silicon Valley, Samsung Research occupies locations in key technology centres across North America.

As an industry-leading manufacturer of consumer electronics, Samsung is committed to forward-looking innovation and bringing new products to market ahead of competitors. An extensive portfolio of patented intellectual property forms the core of Samsung innovation. Human resources, legal, and research and development employees routinely work with confidential product plans and proprietary information. The last thing Samsung needs is leaked confidential information, which could significantly compromise its market advantage and the company’s bottom line.

Like many organizations, Samsung employees increasingly work on smartphones, tablets, and their own devices. The IT team must support approximately 800 corporate-owned and 400 employee-owned devices. A couple of years ago, Steven Lentz, CISSP, CIPP/US, Director Information Security at Samsung Research America, recognized the potential security threat to sensitive information on mobile devices.

“Mobile devices don’t operate behind a security infrastructure like corporate PCs, laptops, and servers do,” said Lentz. “Mobile devices are out in the wild, creating potential security issues and enabling malware to enter the network. There’s no mobile firewall to prevent cyber threats from getting in through emails and apps.”

Lentz viewed the problem from two sides. First, he wanted to proactively prevent data leaks from mobile users. Second, he wanted to defend against cybercriminals trying to break in from the outside via phishing emails and other tactics. He set out to find a solution that would meet rigorous requirements.

A new solution had to guarantee that no compromised device could get on the corporate network to begin with, nor could any compromised device access company applications and sensitive data. Once a clean device is allowed on the network, it must be defended. Lentz also needed to protect devices with multiple operating systems, and he needed a way to integrate protection with Samsung’s existing AirWatch by VMWare mobile device management (MDM) and Splunk security information and event management (SIEM) platforms. Integration was essential to enabling full visibility of mobile threats and automatically enforcing security policy across the enterprise.

“Defence in depth is needed because traditional antivirus is not enough for advanced threats,” explained Lentz. “We needed multiple layers of protection and critical features like application-based malware coverage, enterprise integration, and zero-day malware firewall protection for mobile devices.”

 

The Solution

Lentz and his team considered numerous consumer and enterprise antivirus products, but they all fell short. Next, they talked to peers and began evaluating vendors that provided solutions for advanced threats, one of which was Check Point. During a demo, Check Point Mobile Threat Prevention quickly identified several mobile devices that had malware infections. Check Point Mobile Threat Prevention provides multiple layers of defense against exploits, targeted network attacks, mobile malware, and commercially available mobile remote access Trojans (mRATs) that enable spyware and data theft. Samsung chose Check Point Mobile Threat Prevention for its ability to protect devices from app-based zero-day malware and other threats.

“Check Point had more up-to-date information and automated delivery of the latest malware-related intelligence,” said Lentz. “Check Point Mobile Threat Prevention offers the closest thing to zero-day detection on mobile devices. I like it when a product does what it is supposed to do—and more. Check Point did exactly that.”

Check Point Mobile Threat Prevention also integrated seamlessly with AirWatch by VMWare MDM and SIEM platforms. Now, Samsung gained comprehensive visibility into mobile threats and automated enterprise-wide security policy enforcement.

“The deployment took just 3 weeks,” said Lentz. “We deployed Check Point Mobile Threat Prevention solution on the network and automatically activated it on devices using our MDM. It’s easy for administrators to manage.”

After users were informed about the new software being deployed, they didn’t have to do anything different. The AirWatch MDM containerizes business information separately from personal information on users’ mobile devices, and Check Point secures both. Check Point Mobile Threat Protection runs in the background, using minimal system resources. Users didn’t have to learn anything new and are only alerted if the app quarantines the device.

“Our users don’t have to worry about it because it’s invisible,” said Lentz. “We’ve seen high adoption and satisfaction from employees and contractors because it’s easy to register for the software, it respects their privacy, and it runs quietly in the background.”

Proactive security and multiple layers of defense now protect Samsung’s corporate data and intellectual property, and Lentz recommends the solution to peers.

“Check Point Mobile Threat Prevention is the best zero-day malware protection possible for mobile devices,” he said. “There’s nothing else out there with multiple layers of protection. Our IP is secure, and that’s peace of mind.”

 

For more information, visit www.checkpoint.com/mobilesecurity