WEBINAR: Live Event Date: September 20, 2017 @ 1:00 p.m. ET / 10:00 a.m. PT
Designing a Proactive Approach to Information Security with Cyber Threat Hunting REGISTER >
The non-profit Georgia Legal Services Program provides a wide range of legal advice and services to low income individuals and families at 12 offices throughout the state. The organization recently deployed InfoExpress CyberGatekeeper with Dynamic Network Access Control (DNAC) and CyberGatekeeper Remote to help secure its entire network of offices.
Joseph Mays, Georgia Legals director of IT, says he turned to InfoExpress to help solve what was becoming an increasingly complex security problem. We get interns coming from different colleges that do some work for our lawyers at the remote offices and one of the things that was alarming was that they would come in with their own personal laptop and plug right into our network, he says.
That kind of vulnerability, Mays says, started keeping him up at night and so he searched for a product that would help him manage and monitor the organizations entire network. Its pretty scary when you have 12 locations and you have no clue whats going on out there and now, we know that the stations that are connected to our network are stations that are a part of our domain, he says.
As a non-profit, the cost of the deployment was a significant concern for Georgia Legal, and Mays says InfoExpress was able to work within their financial constraints. Some of the solutions that I looked at as you got into the higher end or a higher number of users, the cost of the product went up significantly, he says. And there were other products that I looked at that required us to upgrade our switches we didnt want to have to do that, because just the time that it would take to go out to every individual office would certainly increase the cost.
Key to the deployment, Mays says, is the CyberGatekeeper client on each desktop that monitors all activity. We were able to deploy the client across our network within a day or two, and what it allowed us to do was to be able to look at the types of applications that were running on our desktops so that we could make sure that we brought everything into compliance, he says.
That includes everything from blocking applications, such as AOL, to ensuring that virus definitions are being updated. CyberGatekeeper allows us to write policies on how to keep these workstations safe, Mays says. So for instance if someone had downloaded a virus that stopped the virus protection on their machine, it would just quarantine the desktop and then there would be a link that would pop up that would say, Call the helpdesk for assistance.
Keeping on top of those types of issues, Mays says, is a high priority. Having 12 remote offices, you certainly dont know what users have actually installed on their desktops, he says. So for us, this gives us an in-depth view of what is being installed across the organization on desktops, allows us to put policies in place and helps us to enforce those policies. You can tell people not do something, but having an appliance that enforces that policy just makes it much easier.
When the solution was first deployed, Mays says, they found that more than 60 percent of the computers on the network were out of compliance, in terms of both virus updates and applications. We use McAfee for our virus protection, and we have a centralized server that pushes the definitions out to the desktops but every now and then youll have something quirky that goes on with the McAfee software on the desktop and definitions dont get rolled out and if you get hit with a virus, youre just sunk at that point, he says.
Extending that coverage to include remote access, Mays says, was a crucial part of the deployment. We have lawyers who travel around, and we wanted the ability, when they come in through the VPN tunnel, to go through the CyberGatekeeper too, so that if they had taken their [laptops] home and gotten them infected and then decided they wanted to use the VPN, we could block them from that direction, as well, he says.
Ultimately, Mays says, the products ease of use is one of its greatest strengths. The user interface is the easiest part of the product, he says. Basically, once youre set up once you get your network in compliance and you set your policies up and enforce them, theres really nothing to do at that point. We dont really touch it. We just wait for the users to say, Why did we get kicked off the network?
Jeff Goldman is a veteran technology journalist and frequent contributor to many Internet.com sites.