SecureBox
How can you stay secure if your employees, partners and customers connect to your website from infected or compromised computers?
How do you stop them from entering confidential account information on a convincing phishing website that uses your company branding?
Overview
Security measures such as antivirus, endpoint security and encryption cannot prevent social engineering attacks or other user initiated errors.
SecureBox will create a highly secure communication channel between the endpoints of your customers and company owned servers. Users cannot manually introduce other applications into the SecureBox environment, nor can they access websites other than your own, eliminating the chance of fraud or attacks due to client-side error.
Features
Your application software is run inside an exclusive, security hardened container that cannot be accessed or modified by any other processes that are running on the computer. By effectively separating the application from the underlying operating system, root kits and exploits such as those used in the Target attack cannot gain the privileges they require.
This is accomplished with the following features.
Data Protection: Secures mission critical data by protecting your application's data in memory and on disk data. POS data is being protected from malware, fraudsters etc., allowing companies to ensure customers connect to their services in a secure manner.
Keylogger Protection: Using keyboard virtualization technology, Comodo SecureBox intercepts keystrokes from the keyboard filter driver and encrypts the information, sending it directly to the target window in a customized message. This process bypasses the entire Windows® input subsystem, ensuring that nothing can capture SecureBox-protected keystrokes.
Remote Takeover Protection: With Comodo's application-agnostic screen capture detection technology, Comodo SecureBox defeats remote desktop takeover by intercepting the attempt and switching from the default screen to an isolated desktop screen that displays warning messages, prohibiting the hacker from viewing anything on a user's desktop.
Anti-SSL Sniffing: Comodo SecureBox detects malicious SSL connections and SSL sniffing by intercepting and verifying certificates using Comodo’s trusted root certificate list, effectively preventing Man-in-the-Middle attacks. Note: This feature is critical for other types of applications that users access from mobile devices outside the organizations network. However, POS systems may also be vulnerable to Man-in-the-Middle attacks
Anti-Memory Scrapping: Comodo SecureBox prevents memory scraping by prohibiting external applications from accessing the memory of containerized applications.
Active Virus Removal: Before the application opens, Comodo SecureBox performs a rapid cloud-based scan to detect and terminate all active viruses on the host device. The results of the virus scan are sent to Enterprise administrators for robust reporting purposes.