Establishing Digital Trust: Don't Sacrifice Security for Convenience
''The strategy was if it didn't touch us, the Internet couldn't hurtus,'' says Hochstatter, vice president of technology at the Kingston,N.Y.-based bank.
But with customers and employees spending a lot of time waiting in longlines at Internet kiosks, Hochstatter says the dual network system wasnot effective or economical. He says something needed to change quickly,but he didn't want to pay for the security expertise to harden Ulster'slink to the Internet.
Instead, Hochstatter turned to Perimeter Internetworking, Inc., aMilford, Conn.-based managed security outsourcer. Hochstatter says heabandoned the bank's Cisco Pix Firewall, and its Symantic Anti-Virussoftware, and tapped into Perimeter's new security service -- Gateway4.0.Referred to as Perimeter's ''Security-in-the-Cloud'' solution, theservices replace traditional firewall and IDS monitoring systems with anetwork-based service that combines technologies from leading vendorsinto one platform.
''For the price of one high-level network engineer, we can have all ofPerimeter's services,'' says Hochstatter. ''If we tried to duplicate whatPerimeter does, we would need three to four engineers and we stillwouldn't be at the level of security that Perimeter brings to thetable.''
Hochstatter estimates it would cost the bank five to 10 times moreannually to do inhouse what Gateway 4.0 provides.
Brad Miller, CEO of Perimeter Internetworking, says Security in the Cloudcustomers buy Internet access from Perimeter and then also receivesecurity services.
''This is network-based security,'' says Miller. ''Rather than having thesecurity technology at the customer's premisis, it all happens in thenetwork before it gets to your door.''
With about 30 percent of network traffic being undesirable, the job ofsecuring networks has changed, says Greg Young, vice president ofresearch at Gartner, Inc., a Stamford, Conn.-based industry analyst firm.
''As bad traffic increases, the job changes to finding good traffic andletting it get through -- not just stopping the bad traffic,'' saysYoung.
At a base level, Gateway 4.0 is designed to provide traffic policycontrol, intrusion prevention, malware defense, secure email services,secure access, automated compliance and network services.
''Customers are not losing bandwidth to bad traffic,'' says Young.''Instead of malware coming to their door, it's dealt with upstream, atthe 'cloud'.''
Hochstatter says Ulster Savings Bank uses Gateway 4.0 for firewallprotection, general Internet protection and its WebSense product, whichuses employees' ID numbers to restrict where they are able to go on theInternet. The service also provides Ulster's email service, saving thebank from internal email administration costs. In addition, he says thebank utilizes Perimeter's Mail Safe product, which sends secure emailsand the Secure VPN service, which allows field employees to securely gainaccess to the network from home.
Clark Easterling, director of product management at NuVox Communications,Inc., an ISP based in Greenville, S.C., says his company switched toPerimeter in 2002. Easterling says NuVox formerly ran McAfee anti-virussoftware on its PCs, which mainly run Windows 2000. He says about 95percent of NuVox customers run Windows, and the others are Mac and Linuxusers.
NuVox Communications services 16 states and provides Internet services,local long distance, networking and security services to 42,000 businesscustomers. When customers purchase Internet services through Nuvox,Easterling says his company turns to Perimeter for the firewall, as wellas Internet security, enhanced security services, data storage and backups, email archiving, desk top anti-virus, secure email and spywareprotection.
''It would cost way too much to manage this alone,'' says Easterling.''Perimeter's cost outweighs doing it internally.''
Easterling says NuVox's three-plus years of working with Perimeter hasproven successful.
''They constantly evolve as the nature of the industry has changed,'' hesays.