OVERVIEW
Crediton Dairy, based in the heart of Devon in southern England, is a food and beverage company that produces a variety of milk drinks. The company is best known for its “Moo Milk” and “Dairy Pride” brands and has products in 13,500 food retail stores nationwide, making it one of the UK’s leading dairy beverage companies. Its chairman, Neil Kennedy, was presented with the prestigious SW Dairy Industry Award for his outstanding contribution towards the development of the British dairy market.
In 2012, dairy companies Arla Foods UK and Milk Link were given approval to merge by the European Commission (EC). A condition for the approval of the merger was that Crediton Dairy operate as a separate business. Benjamin Evans, formerly with Milk Link, became IT Manager for Crediton Dairy.
CHALLENGE
Evans’ initial task was to implement a web security solution that addressed both the security and business challenges Crediton Dairy had been struggling with at the time. Its network had seen continuous attacks from external threats masquerading as insiders in order to infiltrate and steal sensitive data. These threats would often be in the form of sophisticated ransomware and other advanced threats, with delivery methods that shifted between web and email channels in search of a weakness. Suspicious URLs sent to employees from Director-level positions and phony invitations to download a PDF instructing users to “please pay invoice” are just a few examples Evans saw firsthand within a few weeks of joining the company.
Some attacks were being successfully filtered by the Office 365 Outlook client, but only to the extent of being redirected into a “junk” folder. Nothing was in place to effectively identify or classify information. Crediton Dairy also lacked a solution that delivered real-time security ratings to web or email traffic.
After determining that the security included in Office 365 was not up to the task, the challenge was to build a security posture from the ground up, starting with web, that wouldn’t break the budget. With only a small team to work with, Evans began searching for cloud-based security solutions. On-premises appliances were out of the question; he simply didn’t have the resources to install and manage additional hardware.
SOLUTION
Crediton Dairy assessed multiple web security providers, including Barracuda Networks. But according to Evans, Barracuda Networks couldn’t meet their strict functionality or budgetary requirements.
“There were a few let downs on the way the Barracuda URL filtering worked. It just didn’t feel like home.”
— Evans
As a former Milk Link employee, Evans was familiar with the virtualized classification capabilities and hassle-free maintenance of the Forcepoint Web Security Cloud solution; it was the company’s primary solution for web security.
Following Evans’ recommendation, Forcepoint Web Security Cloud went through a Proof of Concept (POC) at Crediton Dairy. It exceeded all expectations. Evans noted that other cloud versions on the market were too “light” in functionality, compared to the high level of protection with Forcepoint.
“The Forcepoint solution offered more options around the Cloud. Rather than just black-listing or white-listing URLs and email addresses, Forcepoint ticked all of our boxes for functionality.”
— Evans
Deployment was straightforward and simple and the Forcepoint support team was there for Evans whenever needed.
“The Forcepoint support team was very good. When we were originally getting set up, my account manager and the support team took control, had a look where any issues might be, configured the solution, and got it up and running while taking me through some of the new features.”
— Evans
Crediton Dairy’s IT department has always embraced innovation and new technologies. It was one of the first to adopt Office 365 when it became available in the UK. However, because Office 365 comes with only basic security features, it doesn’t properly secure the average working email environment. This was, unfortunately, the case for Crediton Dairy.
“We were starting to see a bit more spam coming through Office 365, compared to where it was when it first came out. We started to look at the email side of Forcepoint, for sure.”
— Evans
Evans and Crediton Dairy chose to implement Forcepoint Email Security Cloud as well as Forcepoint Advanced Malware Detection for Email, incorporating cloud-hosted protection that surpasses the capability of on-premises sandboxes. Evans admits it was a “no-brainer” for his organization.
“Forcepoint Email Security Cloud has stopped anything suspicious from coming in and I can visibly see what is being stopped and what we’re being protected from. We’re protected and it’s one of those insurance policies that every company needs.”
— Evans
The Crediton Dairy team took advantage of an easy cloud deployment by simply adding the Forcepoint Email Security Cloud to an already deployed Forcepoint Web Security Cloud for coordinated defenses against advanced threats. The deployment of Forcepoint Email Security Cloud was accomplished overnight. Evans and his team began the process on a Friday evening and finished Saturday.
RESULTS
Forcepoint Web Security Cloud solutions met all of Crediton Dairy’s functionality and quality requirements without them having to purchase additional hardware. Staying within budget has freed up resources for other projects. At the same time, the Forcepoint Email Security Cloud solution has empowered Crediton Dairy to safely embrace new technologies such as Office 365 and enjoy all of its efficiencies and cost savings.
Evans recalls how well Forcepoint Cloud solutions integrate with Active Directory and enhance and complement the Office 365 solution already in place.
“Forcepoint is able to work seamlessly with Office 365. We don’t see any problems at all when we run the two together.”
— Evans
An easy deployment of Forcepoint Web Security Cloud and Forcepoint Email Security Cloud solutions has paved the way for Crediton Dairy to continue to evolve and innovate with safety and confidence.
Crediton Dairy has relied on Forcepoint security solutions since 2015.
Hypo Landesbank Vorarlberg uses a data loss prevention (DLP) solution. Its task is to increase data security and prevent data loss by detecting and blocking the unauthorized transmission of confidential data.
Security E-mail
Financial institutions operate with highly sensitive data and must take all possible preventive measures so that confidential data cannot be deliberately or unintentionally passed on to unauthorized persons.
Following an initial specification of a technical solution to prevent unwanted data loss through outgoing e-mail, the project team carried out a market investigation with IT security specialists and system houses. Important: the solution had to work with the existing e-mail infrastructure, based on IBM Notes and Domino.
One of the sources of information was the Magic Quadrant for Content-Aware Data Loss Prevention by market research firm Gartner. As a result of the preliminary investigation, three suppliers remained, two of which were subjected to a detailed practice test. The project team of the IT department installed the products of both manufacturers and subsequently carried out extensive tests with the data from the e-mail archive. At the end of the day, Forcepoint™ offered the more sophisticated and technically more elegant solution.
Define safety regulations and check them effectively
The actual technical implementation of the software - the Forcepoint Data Security Suite - and the additional measures proved to be more complex than initially estimated. From an organizational point of view, it was again examined which data are of critical importance for Hypo Landesbank Vorarlberg and must be protected against unintentional forwarding. It was determined, for example, in which business processes the sensitive data are used and which rules apply to handling personal and sensitive data, because all these safety rules must be reflected in the DLP solution.
The main questions were: What data should be protected? Who is allowed to use, read or modify which data in which business processes? Where can sensitive data be safely sent? The works council was involved from the outset in all organizational measures affecting the Bank's employees, since the new solution analyzes mail contents, but not the behavior of the employees.
The Forcepoint Data Security Suite stores the digital fingerprints of all sensitive data in a single, centralized, and encrypted form. This "digital fingerprint" of the operational data to be protected is updated once a day and serves as a reference for monitoring all activities carried out with the sensitive data.
Misuse in time
Forcepoint's DLP solution then actively intervenes when confidential data is about to leave the bank via IBM Notes Mail. First, the DLP solution calculates the fingerprints of the data in the e-mail and compares the result with the values in the fingerprint database and the associated security rules. If no rule violation occurs, the data can be sent.
If, on the other hand, the sender is not allowed to send this data, the sender receives a notification and the delivery process is stopped. At the same time, the bank's compliance department is notified of the transaction and asks the sender to explain why the data should be sent.
The business challenges that led the profiled company to evaluate and ultimately select Forcepoint Secure Web Gateway:
- Experienced the following challenges that prompted them to choose Forcepoint Secure Web Gateway:
  - A lack of scalability of their previous security solution
  - Needing advanced capabilities to protect growing mobile and global workforce
- Evaluated or previously used the following vendors before choosing Forcepoint Secure Web Gateway:
  - Symantec/Blue Coat
  - McAfee Web Gateway
- Has a hybrid deployment (cloud and on-premises) location strategy for web security.
- Identifies the following as the capabilities that carried the most weight when they chose to migrate to Forcepoint Secure Web Gateway:
  - Efficacy of solution
  - Deployment flexibility
- Rates the implementation of Forcepoint Secure Web Gateway as extremely easy.
- Rates Forcepoint Secure Web Gateway as extremely effective.
- Achieved the following results after using Forcepoint Secure Web Gateway:
  - Expanded security coverage with integrated modules like Cloud Access Security Broker (CASB), Advanced Malware Detection (AMD), Data Loss Prevention (DLP)
  - Experienced enhanced reporting functionality within a centralized reporting system
Challenge
As the leader of Finansbank’s Security Incident Management department, Ahmet Taskeser knows that financial institutions are prime hacking targets for threat actors around the world. It is his responsibility to manage and protect Finansbank’s customer data — including account numbers, credit card numbers and security tokens — against constant cyberattacks and data theft efforts. These data security challenges involve conducting malware analysis, managing fraud detection efforts and deploying effective data theft prevention solutions to counter the inbound and outbound threats that his team faces on a daily basis.
For instance, Taskeser is keenly aware that threat actors are using various inbound attack techniques against Finansbank’s security systems in their attempts to gain access to customer data. Some of these attack techniques include advanced persistent threats (APTs) and phishing emails, among others. These evolving threats pose significant and ongoing risks of data breach to Finansbank.
In addition to these inbound threats, Taskeser knows that he must also guard against outbound threats that can lead to data loss and data theft. Outbound data security is a formidable challenge involving accidental as well as malicious actions by Finansbank employees. He understands that regardless of the source, a successful data breach can have a widespread effect that could not only negatively impact its depositors and financial partners, but can also severely damage - if not destroy - the bank’s brand:
“The most important thing that we are trying to protect is the reputation of Finansbank, which is priceless for us.” — Ahmet Taskeser
Solution
Due to this wide range of potential external cyberattacks and insider-based data theft, Finansbank required a versatile yet powerful security solution to defend against the evolving external threat landscape as well as effectively address the insider threat. After completing proof-of-concepts with multiple security vendors, Finansbank ultimately chose to deploy Forcepoint DLP. The advantages were clear and compelling:
“With Forcepoint, the solution was much more scalable, had less false positives and fingerprint technologies. We didn’t need to add servers to deploy their security solutions, either. With other competitors’ solutions, we were required to add up to 12 servers. This, coupled with the expertise and exceptional support from the Forcepoint engineers, made the decision to go with Forcepoint very simple for us.” – Ahmet Taskeser
The Finansbank security team also utilized Forcepoint engineers to install the solution. Their expertise was extremely apparent by showing how quickly the Forcepoint solution was deployed:
“Installation was really great. One engineer came in and after two days everything was ready and we were detecting all incidents on my screen which was unbelievable because it took just two days. Other products we considered were really hard to install and configure. It would take up to two weeks for installation plus one more week for configuration; but for Forcepoint it took just two days, which was unbelievable.” – Ahmet Taskeser
Results
Finansbank has experienced the benefits of Forcepoint DLP in multiple ways – from improved Insider Threat controls to significant reductions in the resources required to maintain its data security needs. One of the most immediate results has been through the detection and prevention of internal data theft. Taskeser describes an issue they had in which an employee attempted to gain access to data improperly:
“We had an issue with an employee. He was trying to gain access to some customer data but was prevented from doing so using Forcepoint DLP. I wasn’t expecting Forcepoint to detect such a detailed test but it did. My manager and upper management are very happy about this high level of quality from Forcepoint.” – Ahmet Taskeser
Not only does the solution provide superior data theft prevention, but the management of the solution has been particularly beneficial. The Forcepoint solution has only one interface to manage all policies. This makes it easy for Taskeser to administer or update policies no matter if the user is working on-site or remotely.
Finansbank has experienced a direct, positive financial result by implementing Forcepoint as well:
“Before Forcepoint, we had four employees who were devoted to reviewing highly secure documents before they were sent to auditing companies. Now Forcepoint does the reviewing for us.” – Ahmet Taskeser
As a high-profile financial institution serving millions of customers and responsible for hundreds of billions of assets, the stakes are high for Finansbank and Taskeser. Protecting its customers' critical data requires advanced Data Theft Prevention that proactively stops inbound and outbound threats as well as preventing data from going where it shouldn’t. This dramatically improved the protection level of their critical data and has allowed Taskeser to more efficiently leverage his security assets as well as raise the security IQ of Finansbank employees.
For Finansbank, Forcepoint's advanced, proactive security lets the company serve its customers with confidence. But it also delivers just a bit more:
“I sleep better at night knowing that our data is secure with Forcepoint.” – Ahmet Taskeser
Finansbank has relied on Forcepoint security solutions since 2007.
Deutsche Vermögensberatung (DVAG) in Frankfurt am Main is the world's largest independent financial sales organization. The company is the market leader in essential areas of the private old market. More than 37,000 asset advisors advise and support around 5.2 million customers. In the field of e-mail security, DVAG uses a hosted solution from Forcepoint™. It protects employees effectively against spam and viruses. The solution wards off threats from the web before they even reach the computers and the network of Deutsche Vermögensberatung.
The problem
Open source spam filter did not meet expectations
Like many other companies, the IT department of Deutsche Vermögensberatung in Frankfurt am Main had already installed anti-virus software and spam filters. While the virus protection worked perfectly, the spam filter protecting the e-mails fell short of expectations. "A number of colleagues from all departments were still complaining about a myriad of spam mails," reports Dirk Käs, IT Services Dept. Director at Deutsche Vermögensberatung. "The detection rate of the initially used open source application was insufficient and at the same time we had to realize that the effort to maintain the filters was too high." The only possible consequence was for the IT department to look for a professional solution in the form of a managed e-mail security service. "To look after the fine-tuning of spam filters is, in our opinion, not one of the core competencies of the IT department," explains Dirk Käs.
The solution
Multiple protection against e-mail-based threats
Käs and his team decided to carry out a pre-study with BlackSpider / SurfControl (in October 2007, Forcepoint SurfControl). The initial shortlist included the most important providers of hosted solutions. The basis for the decision was a detailed list of criteria, which BlackSpider met best. The framework for the pre-study: the software had to prove itself on 30 Lotus Notes mailboxes belonging to IT staff over a period of three months. The test ran so successfully that, once it concluded, the decision was made to implement the solution company-wide.
Today the mailboxes of all employees of Deutsche Vermögensberatung are protected by Forcepoint Cloud Email Security - the current name for the services. This applies first and foremost to the approximately 800 internal staff members who use IBM Lotus Notes as a messaging system. In addition, there are more than 34,000 sales representatives. For e-mail communication, they use a Java application developed by Deutsche Vermögensberatung, which has been optimally adapted to the sales solution.
All e-mail traffic now runs through the data centers of Forcepoint. Technically, the MX record (MX = Mail Exchange) had to be changed to point to the Forcepoint data center. Today all incoming and outgoing e-mails are checked. The data centers have load-sharing capabilities and are designed as redundant high-availability clusters located at eleven geographically diverse locations around the world. To ensure a high degree of global and local security, data protection and confidentiality, all data centers are certified according to ISO/IEC 27001. Through service level agreements, Forcepoint guarantees the availability of the services and provides emergency plans for uninterrupted operation.
The latest findings from the Forcepoint Security Labs are continuously being integrated into the cloud security software. Here, more than 500 million e-mails are scanned per week for hidden security risks. In addition, the ThreatSeeker technology is used to analyze more than 600 million websites per week in order to identify known and new potential threats. ThreatSeeker consists of a complex linking of mathematical algorithms, a profiling of the behavior patterns of attackers and a detailed analysis of malicious program code. This is complemented by sophisticated data mining functions. The results of these security analyses are automatically delivered as real-time security updates to both the hosted and the on-site security products.
The result
Centralized security for all employees
The Deutsche Vermögensberatung uses two modules of the Cloud Email S
Our goal was to keep everything as simple as possible, not complicated. Forcepoint™, in comparison with other systems, clearly offered the best solution.
Wolfgang Allgäuer
IT Infrastructure Manager OSI Food Solutions
OVERVIEW
OSI Group, LLC (OSI) provides products and supplies for the food industry, worldwide. It supplies beef, pork, poultry and seafood, as well as vegetable, dough, fruit and cheese-based products. OSI is a well-known supplier for global food chains such as Subway, Starbucks, Pizza Hut and McDonalds. The company is based in Aurora, Illinois with additional offices in the United Kingdom, Germany and China.
CHALLENGE
Email is a high-priority service for OSI due to its extensive use across all international locations. OSI experienced a strong uptick in the volume of threatening inbound emails containing malicious links or fraudulent content. These attacks were becoming more sophisticated and equally catastrophic. Employee carelessness with regard to email protocol became an easy way for hackers to inflict damage and steal confidential information. Additionally, the basic anti-spam solution that OSI had initially installed was strictly limited to on-premises protection and was unable to provide the scalability necessary to protect a growing workforce of remote employees.
OSI needed a solution to thwart phishing attacks, provide web protection and enforce usage policies that would ensure the security of its roaming users operating in any network. Reducing downtime while delivering a superior performance was prioritized to increase employee productivity and protect OSI’s reputation.
“Our network continued to be compromised, which was significantly frustrating our administration. Therefore, we looked into the market for a new solution which would get rid of these issues once and for all.”
— Wolfgang Allgäuer, IT Infrastructure Manager, OSI
SOLUTION
While searching for a new solution, OSI strived to avoid the expense of future on-site installations. With that in mind, Allgäuer and his colleagues concentrated their purchasing criteria exclusively on cloud-based security. They turned to long-term, trusted partner, EyeT Secure Technologies, in Ottobrunn, located near Munich.
EyeT, specializing in IT security consulting, training and licensing, recommended the use of cloud-based email security from Forcepoint. TRITON AP-EMAIL Cloud (now Forcepoint Cloud Email Security) secures the communication channel most often used in the early stages of an advanced attack, empowering mobile workers and the safe adoption of new technologies without the need for additional hardware.
“Deployment was quite simple. We only had to adjust the channels of communication to the Cloud and customize the MX records. That took a maximum of half a day to complete.”
— Allgäuer
Empowering mobile workers was a large part of the Forcepoint project—about 60% of OSI’s endpoints are laptops, which are constantly connecting to third-party networks. Convinced by the success of TRITON AP-EMAIL Cloud, OSI implemented TRITON AP-WEB Cloud (now Forcepoint Cloud Web Security), which works effortlessly to protect roaming users operating out of any network.
“If our employees connect from outside the corporate network, they now go through the web security solution seamlessly, as if they never left the office.”
— Allgäuer
The OSI security team in Germany is responsible for securing all of OSI’s European offices. In this critical role, OSI security has the responsibility of creating uniform standards for protecting the organization’s reputation and assets. It must, therefore, deploy solutions that maximize Content Security across an entire infrastructure. TRITON AP-EMAIL Cloud and TRITON AP-WEB Cloud share a common architecture that unifies management and provides visibility into real-time global activity.
“Our goal was to keep everything as simple as possible, not complicated. Forcepoint, in comparison with other systems, clearly offered the best solution.”
— Allgäuer
RESULTS
By deploying Forcepoint’s Cloud security solutions, OSI has drastically decreased the administrative burden on its IT team. The TRITON architecture ensures full unified management and coordination of inbound and outbound defenses across OSI gateways.
“Our employees no longer receive emails that might contain malicious content and the solution requires little attention which makes a considerable difference to our IT administrators. We are very pleased with the Forcepoint solution.”
— Allgäuer
OSI was so convinced of these benefits that, to date, approximately 75% of its European locations now have a deployed security solution from Forcepoint. In addition, Allgäuer has confirmed that Forcepoint will be used as a pan-European standard for OSI moving forward. OSI Food Solutions has relied on Forcepoint security solutions since 2010.
“We are able to control costs and plan more efficiently by using Forcepoint solutions.” - Gianluca Giovannetti, Chief Information Officer, Amadori Group
Amadori Enhances Security by Consolidating on Forcepoint
Agri-food leader Amadori’s success is based on the way it manages the entire integrated production chain including farms, feed producers, hatcheries, and food processing plants. The company decided to take the same integrated approach to cybersecurity with Forcepoint.
Challenges
- New channels for internal and external collaboration required a security upgrade
- Spam help desk support calls required too much time to handle
- Increasing number of users working off-site, sometimes in public areas, with little protection led to new security risks
- Forcepoint Email Security Cloud to eliminate spam and malware before it reaches the company network
- Forcepoint Web Security to protect both office and remote workers from phishing sites, spyware, and malicious code
- Users and the company can take advantage of new external collaboration tools safely
- Eliminated need for help desk to manually check blocked emails; instead users receive a daily report of emails quarantined, freeing up help desk time to focus on more pressing priorities
- Consolidating on Forcepoint for all its key needs enabled the organization to reduce total cost of ownership and administrative overheads, while increasing planning efficiency.
To meet the company’s stringent security needs, Alphawest has been using Forcepoint Web and Email Security since 2012. The solution supplements traditional reputation-based filtering needs with intelligent content inspection and advanced analytics.
“Maintaining a separate solution is inefficient and, frankly, frustrating. Adopting a hybrid web and email security solution from Forcepoint has given us the best of both worlds. It delivers great IT management efficiencies because a single management console configures both the cloud services and our internal appliances. So you do everything once and you are protected twice. But at the same time, it ensures we maintain those multiple lines of defense. It is redundancy without replication.”— Watts
OVERVIEW
Founded in 1996, Cobweb Solutions offers a range of Cloud solutions including: Hosted Microsoft Exchange, Office 365, Enterprise Mobility Suite, Azure, Power BI, Dynamics CRM, Hosted Desktop, Email Archiving, Email Encryption and Cloud Backup.
Based in Fareham, Hampshire, and Canary Wharf, London, Cobweb provides Cloud solutions to over 6,000 SMBs and over 320 partners through Vuzion, the new cloud aggregator business for resellers. An early adopter of Microsoft Exchange, Cobweb is a long-established provider of cloud communications and a gold-status member of the Microsoft Partner Network.
CHALLENGE
Cobweb provides hosted services for over 150,000 mailboxes, managing firewalls for hundreds of locations with complex, overlapping IP schemas. For Cobweb and its customers, the impact of these overlapping schemas was an inability to deliver the service.
“It’s a monumental task. Having easy-to-access insight into the whole system is a necessity. The company’s reputation hinges on its services being secure and constantly up and running.” — Julian Dyer, Chief Technical Officer, Cobweb
Furthermore, Cobweb has to ensure that the environment is up-to-date in order to manage a continually evolving threat landscape. Visits to perform data center upgrades in Segensworth, Fareham, and one in Telehouse, London were proving to be time intensive, and the company needed a system it could rely on to upgrade automatically.
SOLUTION
According to Dyer, the decision to migrate to Forcepoint Stonesoft Next Generation Firewall (NGFW)—part of the Forcepoint Security product offering—was not taken lightly. Cobweb wanted to move away from the expensive licensing model it had previously, and pay only for the features it needed. The deployment option of Stonesoft Software-as-a-Service (SaaS) for virtual versions of Stonesoft NGFW is the affordable licensing model Cobweb was looking for.
In addition, centralized security management, combined with the flexibility to add security features such as a delegated local administrator and capacity, helped drive the decision to implement Stonesoft NGFW.
“We were able to replace overlapping encryption domains with site-to-site VPNs that take minutes to configure. We simply use the domain feature to logically separate the organization, delegating local administrative control if we choose.” — Dyer
RESULTS
Implementing Stonesoft NGFW has enabled Cobweb to increase bandwidth, add connections, and aggregate across network links safely and securely, giving multiple seamless failover options. The single management platform provides admins with quicker response times to all change requests and any incidents that may occur on the network.
Ultimately, with Stonesoft NGFW and centralized firewall management, Cobweb is now equipped with the tools to manage network security holistically in real-time mode, utilize shared network connections, and benefit from shared logging, reporting, auditing, and other tools. Ease-of-use makes Stonesoft NGFW an effective and efficient security solution, saving valuable time and resources for Cobweb.
“No more standing in cold data centers for hours configuring a firewall or performing upgrades. Forcepoint Stonesoft Next Generation Firewall does 99% of our network configuration, reducing what used to take hours to minutes. Everything is done through the management platform. I am one happy customer.” — Dyer
Cobweb has relied on Forcepoint solutions since 2012.
Challenge
Designed and developed by in-house software engineers, Fusion’s VDC is a suite of service solutions that delivers infrastructure for data centers and IT operations as cloud-based services. VDC enables “cloud to desktop” solutions for new and existing customers, and brings the cloud and network closer together, helping Fusion provide improved service level agreements (SLAs). By moving to the cloud, Fusion would be able to move from a CAPEX to OPEX model, resulting in reduced and better managed costs. Developing on the cloud meant that the company could grow rapidly without investing in physical hardware.
Security is a critical part of the VDC solution. Fusion needed to choose a security vendor who would be able to protect customer data on-premises, on mobile devices, and in the cloud while working within an affordable budget.
“There is no doubt that hackers are getting more sophisticated in their attack methods. Education is one of our biggest issues — remote office computers don’t always have the latest security updates, leaving them vulnerable to attack, and potentially posing a threat to our services.” — Lee Norvall, CTO, Fusion Media Networks
Solution
Initially, Fusion became a Forcepoint reseller after one of its partners recommended the company as a well-established player in the security market.
“Having sold the Forcepoint Next Generation Firewall for some time, we were confident in its ability to protect against Advanced Evasion Techniques (AETs). Additionally, after using the solution, we believed that the firewall would provide us with exactly the right level of security protection that both we and our customers were looking for.” - Norvall
After a series of environment-wide product tests, Fusion decided to incorporate the Forcepoint NGFW into its VDC solution. Forcepoint NGFW provides centralized management, application awareness and user identification, intrusion prevention, Anti-Spam, Anti-Virus, web filtering and protection of remote offices from advanced evasion techniques.
Results
The VDC solution, combined with Forcepoint’s robust security solution, enables Fusion’s customers to benefit from reliable data security and guaranteed network continuity as well as secure information flow between business units. Fusion hosts the NGFW off premises within the core network and enables one virtual instance of the firewall per customer. Forcepoint NGFW provides network segmentation, server load balancing, and the possibility of utilizing reserve carrier capacity when Internet connections are overloaded. The solution provides Fusion with a clear view of its client’s data, enabling the company to offer full protection against threats, regardless of location. This means customers can benefit from zero disruption to services and concentrate on their core business activities.
“Our experience with Forcepoint NGFW has exceeded our expectations. To date, they have provided us with both reliable support and short response times to queries. Additionally, by making use of the security management center (SMC) to manage all queries from one centralized system, we have been able to cut costs by 30 percent.” - Norvall
Fusion Media Networks has relied on Forcepoint security solutions since 2012.
The results with Forcepoint NGFW have been extraordinary – outstanding performance, lower costs, and, most important, considerably fewer invasions.
Hendrik Walter
IT Director Avency
OVERVIEW
Avency is a B2B digital services provider based in Telgte, Germany. The company is an independent ISP with more than 20 years of experience in providing online and various datacenter services. Avency provides domain, mail, hosted security and cloud services and builds and designs online applications.
Avency currently hosts more than 1,200 websites/applications and 7,000 domains for a wide range of businesses including retail, social media, manufacturing, and finance. Avency’s focus on data center security is a key differentiator from other hosting companies.
CHALLENGE
As IT director for Avency, Hendrik Walter is also Forcepoint’s first Accredited Channel Engineer (ACE) for NGFW in Germany. Walter and his team made a large investment in a proprietary ISP system that makes it completely independent and autonomous. Naturally, high availability and security were large concerns, particularly with regard to intrusion prevention and data loss prevention.
To meet its ongoing security requirements, the company decided to migrate its data center from Check Point to a more suitable solution.
SOLUTION
Avency ultimately chose to implement Forcepoint Next Generation Firewall (NGFW) with the Forcepoint Security Management Center (SMC).
“After an extensive market evaluation, we realized that Forcepoint NGFW would offer superior performance, evasion protection, and cost benefits. Forcepoint is the only solution that offers mature multitenant capabilities. Plus, it offers a lower total cost of ownership since the SMC license includes built-in features that competitors lack.”
— Hendrik Walter, IT Director, Avency
Protected by Forcepoint NGFW, Avency offers several levels of security-based services to its clients. The most comprehensive is Managed Firewall Services, in which customers rent their firewalls from Avency and have full access to the SMC. Through Forcepoint NGFW’s multitenancy capabilities, Avency is able to provide each client with its own secure, separate domain that is inaccessible to other clients. Customers can access the SMC to manage their own firewalls, or they can contract with Avency to provide firewall management as needed.
“With the domain management features of Forcepoint NGFW and the well-engineered role systems in SMC, the solution is multitenant in every way. With the reporting tool, clients can automatically receive weekly or monthly reports about attacks, traffic, and all other events.”
— Walter
Through Avency’s Datacenter Firewall Services, customers outsource their IT infrastructures to Avency but maintain access to their rules, policies, and logs. These capabilities are powered by the SMC’s subrule feature and Web Portal Server.
Also through the SMC’s Web Portal Server, Avency offers a Web Hosting service that enables customers to view live log data. Armed with this data, clients can troubleshoot connection/speed issues and stay informed of attacks targeting their Web applications.
RESULTS
With the built-in flexibility of Forcepoint NGFW, Avency is able to write its own signatures and correlations in order to provide a perfect fit with customer use cases.
“The solution’s extremely robust log and reporting functionality, coupled with best-in-class alert and escalation management, means we can react three times faster to incidents than we could before. Also, the centralized management, API functionality, and intelligent domain/user model mean that admins and customers can work simultaneously on their own rules and elements.”
— Walter
As Avency built momentum for its in-house use of Forcepoint NGFW, customers began to take notice.
“Our clients were curious as to how we could offer these efficient and flexible security services at such a competitive price point. This prompted us to use our experience and confidence in the products to become a Forcepoint NGFW reseller.”
— Walter
Through its Forcepoint NGFW reseller services, Avency actively monitors the customer firewalls around the clock and contacts the clients when critical events occur.
“Clients pay only a fixed monthly fee. Even with only a small budget, they’re able to get best-in-class firewall protection with expert management, and without having to make a high upfront investment. Our results with Forcepoint NGFW have been extraordinary – outstanding performance, lower costs, and, most important, considerably fewer invasions. Forcepoint is the right partner with which to grow our firewall security business.”
— Walter
Avency has relied on Forcepoint solutions since 2012.
Overview
The Air Force Central Command (AFCENT) is responsible for supporting all air operations conducted in Southwest Asia and providing enhanced capabilities to the warfighters. In 2009, the 350th Electronic Systems Group (ESG) engaged in a project to establish a new combined air and space operations center, or CAOC. Prior to the new facility, U.S. and coalition forces utilized a "temporary" warehouse-like facility for six years.
Challenge
The new CAOC had to provide more robust systems to accommodate users and improve interoperability. They also had to make the best possible use of physical space and reduce power consumption. Most importantly, the switch from the old facility to the new one had to be seamless so as not to interrupt mission operations. The CAOC was controlling air operations in two live theaters at transition time.
This project, from planning to implementation, was completed in less than two years. From the initial demonstrations and proof of concept in 2007 to receiving an Authority to Connect for Secret and Below Interoperability (SABI) in April 2009 to full-scale deployment in the summer of 2009, the project was efficiently and effectively executed. This desktop consolidation project presented other challenges for all parties because AFCENT’s mission requires 24x7 operations with 99.99 percent availability.
Solution
To accomplish this large-scale effort, AFCENT selected Forcepoint™ Trusted Thin Client™ as the multilevel security component and technologies from Citrix®, NetApp®, and Avocent® to round out the solution.
In order to recover needed work space, decrease power consumption, and modernize their computing environment and network infrastructure, AFCENT’s goal was to replace 95 percent of all desktop computers with thin clients. By implementing the Trusted Thin Client software, multiple desktop systems at each user’s workstation were replaced by a single Hewlett Packard™ (HP) thin client device. Users can now view multiple networks, even at different classification levels, from a single monitor.
Today, 1,648 Trusted Thin Client seats have been deployed. There are multiple Distribution Consoles on the back end to support users, load balancing, and failover. The Trusted Thin Client deployment began by providing network separation for four classified networks and is now providing secure access to six different networks. Over 120 Command and Control (C2) applications are supported with this implementation. The U.S. AOC has deployed 300 thin clients that provide access to five networks supporting C2 applications. Users at both locations can access all required networks within acceptable levels of network latency. This access also allows users to collaborate effectively with coalition forces working at differing security classifications.
Results
The benefits that the Trusted Thin Client solution provides are substantial. User productivity has increased because users no longer have to switch from multiple hardware systems to access the information necessary to perform their jobs. Workspace is not only less cluttered but there is more physical workspace available. Hardware and software administration is much more efficient because most of the computing power is now centralized on the back end, where it is easily accessed by administrators and IT staff. They no longer have to worry about maintaining numerous desktop systems. Power consumption, wiring, and air conditioning have also been greatly reduced. AFCENT’s network infrastructure and overall power consumption has decreased by 22 percent, significantly reducing the Air Force’s annual cost burden.
As an added benefit to equipment reduction and modernization of software and network infrastructure, users’ audio-video display capacity has been increased by 60 percent. This capacity increase allows for the use of multiple large monitors/displays per thin client device and the ability to view simultaneous live video feeds and access mission-critical applications that require large viewable areas.
Summary
The implementation of Forcepoint at the CAOC resulted in significant increases in the efficiency with which authorized personnel are able to access mission-critical information for analysis, operational capabilities, resources, readiness and sustainability. All of these areas are critical in AFCENT’s mission to control U.S. air operations in Southwest Asia as they fight the Global War on Terrorism. The 350th ESG believes that the CAOC establishes a standard for future command and control capability in other AOCs worldwide. (1)
The CAOC and the CAOC Annex, which is stateside, continue to add additional seats in support of a growing user base. In addition, the CAOC Annex has upgraded to the latest TTC software, allowing them to reap even greater efficiencies that will only increase as AFCENT continues to deploy TTC to the CAOC and the rest of their users.
(1) The Integrator U.S. Air Force, 15 October 2009, Vol. 5, No. 40
The need to define clearer roles and protocols pushed FERCAM to adopt the Forcepoint Web Security solution:
“We analyzed various offers but our decision was based on the ease of use, the speed of implementation and, above all, the granularity of Forcepoint technology. Today we not only utilize effective and up to date blacklists, but we can determine which portions or services within a particular site to make available or which to block.”— Albiero
FERCAM managed to define policies for specific user categories while appropriately filtering access to specific web sites or pages. Increased network restrictions will always cause blowback from its most frequent users. However, it did not take long for this staff to accept the increased security after appreciating an overall improved performance.
Overview
Adventist Health is a not-for-profit healthcare organization which operates facilities throughout the western U.S. states of California, Hawaii, Oregon, and Washington. It is run by the Seventh-day Adventist Church. Its heritage dates back to 1866 when the first Seventh-day Adventist health care facility opened in Battle Creek, Michigan. Currently, Adventist Health contains 20 hospitals, more than 275 clinics, 15 home care agencies and a workforce of 31,000 employees, physicians, and volunteers.
Challenge
For Bruce Chitester, Security Analyst at Adventist Health, the top security dilemma is how to safely embrace new technology without putting the hospital chain’s patient database at risk. Although the healthcare sector faces some very specific regulatory and legal requirements, as well as medical technology obstacles to maintaining its data integrity, neither Adventist Health nor the healthcare sector at large are alone in having to meet this challenge. The reality is that ALL organizations face the difficulty and necessity of embracing new technology without putting their entire enterprise at risk. But as Adventist Health shows us, with the right Data Theft Prevention processes and tools in place, it can be done.
The more powerful and sophisticated digital technology (and digitally-connected medical technology) becomes, the easier it is to use and save lives. Unfortunately, technological advances also make it easier for cybercriminals to access and exploit critical data. This mixed blessing of technological advancement and more sophisticated cybercrime is the new reality going forward. Understandably, this new reality poses formidable challenges to IT security teams. From the perspective of saving lives, technological advance is obviously a good thing. The downside of that dynamic is the rising number and complexities of threat vectors. It is not a situation where the cyber defense responses become simpler over time, but rather, just the opposite. The growth curve of the cyber threat landscape is both steep and evolutionary; thus the growth curve of cyber defense solutions that effectively address those threats must be so as well.
5 DATA THEFT CHALLENGES
Staying current with privacy regulations (HIPAA and Omnibus). Strict privacy laws require Adventist Health to meet a higher standard of client-privacy than most organizations outside the healthcare sector will need to meet. Healthcare providers have a federally-imposed legal obligation to protect the privacy of patient data in addition to standard consumer data, such as Social Security and credit card numbers. This vulnerability is much worse today than only a few years ago because, as Chitester observes, “Medical records are all electronic now.”
Staying current and secure with new communication technology. The explosion of communication tools such as iPads, smartphones, handhelds and even wearable connected devices such as smartwatches and other innovations have greatly increased the risks of a data breach occurring. Those risks become even greater as new communication gadgets come into use among medical personnel. Elevated threat levels can result from something as common as doctors using iPads to communicate medical information, test results or issuing prescriptions, for example.
Staying current and secure with new medical technology. As with wearable connected and other smart devices, medical gadgets also present an elevated risk factor to Adventist Health and other organizations in the healthcare sector.
“One of the things I see very much as a threat factor is medical devices. I.V. pumps now have built-in wireless capabilities and a stripped down Linux or Windows OS. It is the same with heart monitors, and other medical devices. But the manufacturers are not particularly security-aware. The devices are built with connectivity, so they can connect with a pharmacy, but they lack any kind of firmware updates or security hole checks, and that is going to be a big (risk) factor.” — Bruce Chitester, Security Analyst, Adventist Health
Those gadgets are just a small portion of what the medical industry has to deal with. Insulin pumps, I.V. pumps, and even wireless pacemakers and other medical care devices are all subject to exploitation by cybercriminals. Chitester predicts that there will be a huge influx of attacks using devices like these as backdoor access to networks. Device vendors will have to scramble to put security measures in place.
Protecting patient data. In addition to standard consumer data, such as Social Security and credit card numbers, healthcare providers must take a holistic approach to protecting their clients’ medical records as well. This is not only due to more stringent HIPAA and Omnibus requirements, but also because medical records are a prime target of data theft activity: A stolen driver’s license is worth about $120 on the street. Stolen medical records, however, are worth almost 10 times that. There is no mystery why medical records are a major target of cybercriminals.
“That is why we have to build a Fort Knox around them.” — Bruce Chitester
He is absolutely correct.
The need for comprehensive, end-to-end identification of every threat vector. This need applies to all industries in general. In addition to medical records, Chitester notes that another serious challenge is with financial data. New federal regulations require separate networks for certain types of financial transactions, such as credit cards. To address this, Adventist Health uses multiple LATA (local access and transport area) networks:
“All of (these vectors) combine to make security a very high priority and a cutting edge environment to work in, where we have to protect patient data, very specifically, and ... We have to protect privacy of patient data in addition to standard consumer data, such as Social Security and credit card numbers. When someone swipes a credit card, the transaction is carried by a secure tunnel to the credit card processor.” — Bruce Chitester
Adventist Health’s data security challenge is an ongoing one, but one that is also instructive to all enterprises. As noted above, just as the threat level curve of the digital environment is steep and evolving, so are the costs involved with successful data breaches. The recent and very public data thefts involving Home Depot, Target Stores, Nordstrom’s and Michael’s were just a few of the casualties in a year of unprecedented levels of cybercrime. Each of those breached businesses lost multiple millions of dollars in sales and market share. Much of those losses can be directly traced to the damaged reputations caused by the breaches themselves. Going forward, the frequency and costs of cybercrime are only going one direction, and that direction is up. Your organization’s approach to cybersecurity needs to be able to successfully meet these challenges each and every day and every minute of every day. Data Theft Prevention is that approach.
Solution
Bruce Chitester has moved Adventist Health into the SEIM (security event and incident management) environment with strategic partners that specifically include Forcepoint™, and going forward, will involve consolidation of services and solutions as their defense strategies evolve. A foundational part of Bruce’s threat defense strategy has been to build a comprehensive infrastructure that mitigates threats:
“If an end-user pulls an obfuscated Java script down via a browser because they randomly hit the wrong website and the script exploits the browser to create a back door into the network, Forcepoint — Adventist’s threat management system — catches the script in a sandbox.” — Bruce Chitester
Forcepoint now handles threat intelligence for Adventist Health’s web and blocks dangerous sites. Chitester has put triggers around these types of events, so that if a script or another type of threat is identified and trapped, Forcepoint issues an alert. This appears on a portal, identifying the threat, the user and the forensics. Forcepoint will also handle this through the Cloud, heading off hundreds of threats of different types, such as obfuscated Java scripts, bot networks and unauthorized data postings. Chitester estimates that they catch at least 5 to 10 a week:
“With Forcepoint, everything that Adventist sees, other Forcepoint customers also see and vice versa. (The Forcepoint network has close to 1 billion endpoints.) It is updated more frequently than other, similar networked offerings…and the amount of data that we see is enormous. … The number of threats that have been identified is enormous. In this way, the database of known threats is continually expanded. It is getting to the point that the number of threats should diminish, because the database we are checking them against continues to get larger.” — Bruce Chitester
With the Drop Box services, Forcepoint monitors usage and issues alerts if someone is using an unauthorized service provider. The service issues reports listing users who are not in compliance. Chitester talks about Forcepoint as a key security partner:
“The protection is very good. End users are not happy when they get blocked from going anywhere, but the fact is they are getting blocked. They are not able to visit a site that is on a bot network, or a site that has been hacked with obfuscation code. We very much enjoy that protection.” — Bruce Chitester
Results
Forcepoint continues to play a vital role in Adventist Health’s security plans when it comes to sandboxing potential threats:
“If the device goes off our net, then it is a problem. We take this very seriously. ... These devices have to go through the same protocols as anything else in our environment to get off the net and onto the public network. If a device is given access to the public network from the private Adventist Health network, then it has to pass through the Forcepoint devices, and we know for sure where it is phoning home to and that nothing is coming back in on it.” — Bruce Chitester
Bruce also appreciates the efficiencies and Data Theft Prevention policies that Forcepoint delivers:
“The cloud detonation is the right way to do it. Other security providers detonate locally, and they do not always have enough time to do the detonations. Forcepoint has enough time. Adventist has to pay the subscription costs, but it does not have to purchase larger servers or more machines to provide adequate resources for its security software to operate optimally. Forcepoint handles all of that, and Adventist Health likes that business model. Forcepoint is getting closer to ‘end-to-end’ than I have seen anybody do it.” — Bruce Chitester
In today’s world of advanced and targeted cyberattacks, the need for comprehensive, end-to-end identification of every threat vector must be met fully. There is no other alternative. Furthermore, HIPAA and Omnibus privacy rules require an added level of privacy for medical data. At the same time, the menu of medical devices with connectivity is constantly expanding. As Bruce Chitester accurately points out, the threat of a data breach via unprotected devices is formidable:
“Your reputation is your business. A confidentiality breach means lost business.” — Bruce Chitester
When it comes to innovation, organizations of all sizes and types have no choice in the matter: They must be able to continuously adopt new technology and adapt to the expansive communications revolution in order to compete in today’s market. Unfortunately, the evolving digital technological revolution puts powerful and discrete connectivity in the hands of everyone, everywhere, including threat actors. That means an expanded threat surface for cybercriminals and greater challenges for cybersecurity professionals. The risk of exploitation by evermore sophisticated cyber threats rises with the ascent of the digital connectivity curve. For the foreseeable future, the dilemma of safely adopting new technology while at the same time protecting your data against rising levels of cyber threats is here to stay.
As digital technology continues to rapidly evolve and cyberattack vectors multiply across all digital channels, the task of organizations being able to grow and adopt new technology with safety and confidence remains a challenge. However, these challenges can be met with the right holistic security posture that Data Theft Prevention provides so your company can enter a new era of cybersecurity.
Adventist Health has relied on Forcepoint security solutions since 2006.
The Arizona Financial Crimes Task Force (AZFCTF) was established to investigate and interdict the money laundering activities of complex national and international organized crime and to mitigate the violence associated with the smuggling activities that fund these organizations. In January 2014, the AZFCTF funded the creation of the Transaction Record Analysis Center (TRAC), a centralized searchable database of the financial transactions of global money services business (MSBs). TRAC now serves as the intelligence component for AZFCTF and is staffed by analyst and law enforcement professionals recognized as experts in money laundering activity. The TRAC provides data, meaningful data analysis, collaboration and training to investigators, analysts and prosecutors nationwide in their efforts to disrupt criminal organizations and dismantle their operations.
Challenge
Transnational criminals launder billions of dollars in illegal proceeds every year. In the Southwest Border-affected areas, over half-a-million humans are smuggled and prescription drugs, illegal drugs and intellectual property are stolen. Law enforcement agencies have been challenged to process and analyze an overwhelming amount of data that pertains to these operations. Parsing and finding the incriminating data in a vast sea of constantly expanding data sources became extremely difficult as the sheer volume of transaction data far exceeded the capability and volume capacity of typical database software. Due to the limitations and restrictions of the technology, transaction volume became the enemy, and it became harder and harder to detect money laundering patterns across the financial industry. A simple query involving multiple names, addresses or telephone numbers, for example, took hours or days to complete. Enforcement agencies were forced to invest a great deal of time searching through databases, sometimes containing millions of records each, for the suspicious activity they knew lurked among the data. In this timeframe, it was difficult to conceptualize money laundering patterns while remaining a few steps behind the criminals themselves.
Solution
AZFCTF needed a solution that could manage the huge volumes of data flowing into the TRAC, as well as deliver an easy-to-use analytical platform to law enforcement and regulatory users. Today, Forcepoint™ SureView® Analytics is providing AZFCTF with a turnkey analytical solution that is customized for the varied user community consisting of federal agents, analysts, state and local detectives as well as money services business regulators. For each of these stakeholders, SureView Analytics delivers complete management of the environment from data ingestion to delivery of actionable analytics. The TRAC portal offers a dashboard of easy-to-use analysis tools, training webinars and auditing functions. Through a secure private cloud, the solution avoids overhead expenses of on-site hosting, and offers scalability as needed. Queries can be returned in a matter of seconds instead of hours, which turns the increasing volume of data transactions from an enemy into an ally.
Results
The SureView Analytics solution has been adopted by over 2,000 users and hosts over 100 Memorandums of Understanding (MOUs), making the TRAC a unique and unprecedented financial fraud investigative tool. Its value to the Southwest Border states and beyond is recognized daily by the number of law enforcement and regulatory agencies requesting MOUs from across the nation. The query result speed attained by today’s experienced TRAC user enables queries to be run in a timely manner, resulting in the recognition of critical activity patterns and the dismantling of criminal organizations. Additionally, the MSB data in the TRAC system is based on geographic organized crime smuggling corridors and contains more relevant data than what would be obtained in a traditional subpoena process. The data access enables investigators to geospatially visualize criminal corridors of illegal transactions, saving thousands of man hours and lengthy delays in the usual subpoena process. The TRAC system, by virtue of its MOU process and access to expert training, necessitates direct communication by law enforcement experts across the U.S. This unprecedented networking among anti-money laundering professionals creates effective multi-agency teams to attack money laundering patterns and methodologies.