X

Cloetta, a successful confectionery business in Europe, has been utilizing commodity services and applications to reduce its infrastructure footprint and smart-source some business-critical processes. Remote working and cloud services are integral parts of the company's strategy to increase productivity and grow the business. However, the openness of its IT architecture posed a threat to the security of its confidential information. The use of cloud applications and the increase in remote working meant that more employees were using the internet to access services and gather information, which in turn increased the chance of getting infected by malicious applications. Cloetta was also the target for cyber threats that proliferate through the use of email, such as phishing, spam, viruses, and other malware.

The Disabilities Trust, a UK-based charity, was facing significant insider threats and the growing risk of ransomware attacks. It needed a total overhaul of its web and cloud application security to protect staff and patients alike. The organization's user activity and privacy controls needed significant attention. The biggest threat was the insider threat – inside out, not outside in. Whether that’s leavers exfiltrating the organization's IP or confidential patient information being unwittingly shared on public forums, the impact could be critical – both reputationally, and for the people they support.

Thatchers, a cidermaker based in Somerset, has been growing significantly over the last ten years and had outgrown many of its systems and applications. As a result, it had become much more vulnerable to security breaches. With more and more sophisticated threats, Thatchers looked to reduce their risk of being attacked. Senior IT Engineer, Hamish Ross and his team were keen to prevent Thatchers falling victim. They urgently needed to lock down their systems and prevent an attack. First on Thatchers’ priority list was an email filtering system that was straightforward to manage, could scale easily as the business continues to grow and could protect the business from malicious emails that could have viruses attached or links to infected sites.

DTU, one of the leading technical universities in Europe, faced the challenge of providing secure access to a wide range of systems and applications for its 1400 employees. The university's IT service function serves a wide range of departments, university entities, and affiliated companies who benefit from their modern IT setup and infrastructure. Employee remote access from across Europe is enabled through a number of login systems including Citrix, Cisco, and SSH. Initially, users accessing these systems were required to carry around hardware tokens for authentication when logging in. However, the token-based setup was becoming increasingly time-consuming to manage and was causing frustration for both users and the IT team managing the solution.

Onecom, the UK’s largest independent business telecommunications provider, needed a centralised security platform that could protect its 400+ employees outside of the traditional workplace perimeter, while minimising demand for internal IT resources. The company was looking to grow rapidly in the next three to five years, so having a security solution that could scale alongside the company was very important. Onecom was particularly looking to protect employees from email attacks, such as phishing, and threats over the web, as well as save the IT team time and resources when it came to implementing security solutions alongside maintaining the highest levels of compliance.

Produce World, a major supplier of fresh vegetables in Europe, operates across multiple sites and relies heavily on remote working. With employees needing access to company systems from various locations, including farms, customer premises, and home, the company faced a significant challenge in ensuring secure and convenient access. The rise in security threats, particularly phishing, necessitated a robust solution. The company had been using a hardware token-based two-factor authentication system, but recognized the vulnerabilities associated with relying solely on usernames and passwords.

Veramed, a contract research organisation in the pharmaceutical industry, faced a challenge in monitoring and protecting its staff in a cloud-only business environment. The company had never had on-premise servers or traditional perimeter security, making it difficult to keep staff safe from malware and inappropriate sites. As the company continued to grow, it needed to formalise its security to reassure customers that it was operating in line with stringent standards, such as ISO 271001. Veramed needed to improve its monitoring capabilities by strengthening its awareness of staff behaviour, enabling it to address any issues and provide users with education on safe, secure IT usage.

Alternative Solutions, a leading IT services company, was looking to streamline their product portfolio and displace legacy solutions with one cyber security platform that could deliver full-service cyber security across all core threat vectors for its customers and help them meet their regulatory requirements. The company also wanted to find a security vendor who could help them move away from perpetual license-based products due to demand from customers for consumption-based billing. The company had previously resold separate security products for email, web and cloud security from multiple vendors. The ideal scenario for them was a cloud product that provided integrated security across these channels for their customers.

The National Portrait Gallery, one of Britain’s best-loved museums, was seeking to improve its security posture and achieve the government’s Cyber Essentials security standard. The Gallery has a high public profile and receives funding from the government, public donations, and receipts from ticketed exhibitions, gift shop sales, and events. As the Gallery’s existing security contracts came to an end, Nicky Dowland, Head of Information Technology, sought a more advanced solution that would provide additional layers of security on a platform that was easy for a small IT team to manage, and that could help it achieve the Cyber Essentials security standard.

St Anne’s Community Services, a not-for-profit organization that provides support to those in need across the North of England, faced the challenge of protecting highly sensitive data. The challenge of protecting confidential information has increased in recent years due to more stringent data privacy regulation through the GDPR, while digital transformation increases the volume and vulnerability of data. Visibility of where data is stored, and control over who has access to it and has the ability to share it is vital in this day and age. With St Anne’s already well on the way in its cloud transformation journey, having migrated to Microsoft Azure and Office 365, the charity needed an additional layer of security on top of what was provided as standard by its cloud services.

Tangerine Confectionery, the UK’s largest own-label sweet manufacturer, was looking to move away from its legacy web security solution. The company has five sites across the country and employs 1,100 people. The priority for Tangerine was to ensure its employees were protected when browsing the web, both on and off-premise. The company trialled other solutions available in the market but found that they did not have the advanced functionality it was looking for, including the ability to protect employees offsite, and the flexibility to work with their existing IT architecture.

Thumbs Up (Bury) Ltd, a manufacturer and supplier of plastic housewares and storage products, faced a major disruption to their business due to the infection of their computers with the Zeus Trojan. This disruption included downtime of their email system. The infection occurred while the company was in the process of swapping their email system from BTpop to Microsoft Exchange to improve productivity. However, even after the implementation of Microsoft Exchange, email-borne viruses continued to disrupt the business. In addition, about a week after the infection the company’s telephone lines were temporarily hijacked by hackers posing as BT engineers, so that if the bank phoned to verify any transactions the calls could be intercepted by the hackers and it would appear that they were speaking to the company.

Capsticks, a leading national healthcare law firm, had a remote access system in place for its lawyers to log on from home or other remote locations. However, the remote access was only secured with a password. With over two-thirds of security breaches being down to weak or stolen passwords, Capsticks’ IT team were hyper aware of the vulnerability of the firm’s systems. As a law firm, many of the cases they deal with are very sensitive, so the data they store is confidential. They were conscious that where their remote working environment was concerned, their security was only as good as the weakest password used by their employees. They needed to find a solution and quickly. In addition to increased security, it was vital for Capsticks and its team of busy lawyers that the solution was a user-friendly one.

Pandora, a leading internet radio company, has a highly mobile workforce that relies heavily on SaaS (Google Apps) and PaaS (Salesforce) for their daily operations. Google Drive is a crucial tool for Pandora's employees as it allows them to create, distribute, and update dynamic documents on active projects, and to share and collaborate both internally and externally. However, the security of Pandora’s shared documentation is a major concern. The company is keen on protecting its intellectual property and is concerned about data loss prevention. While employees rely on sharing documents to perform their jobs, the IT department is tasked with ensuring that sharing with external partners and vendors adheres to the company’s acceptable use policies and is done securely.

The University of Oklahoma (OU) is a world-renowned research institute with nearly 1 million square feet dedicated to public and private sector collaborations on its Research Campus. When the university moved to Office 365, OU grew concerned about the possibility of account compromises. OU recognized a need for more visibility into its cloud environment in order to protect its highly sensitive research data, as well as HIPAA and PHI data. The loss of this data would not only pose a risk to the university's reputation but could cost the university thousands of dollars and lead to loss of contracts or future research opportunities.

The United States Holocaust Memorial Museum (USHMM) decided to migrate to Google Apps and included CloudLock in the project scope from the outset. The goal was to use CloudLock post-rollout as a means to ensure security and enable ongoing monitoring of sharing patterns as well as internal and external exposures. During the early rollout stages, USHMM also found CloudLock to be instrumental in the deployment process and implementing change management in the organization.

Guardian News and Media (GNM) implemented G Suite and Google Docs to provide the organization with a suite of collaboration tools that realize the cost savings of storing documents in the cloud. However, the nature of the business requires that documents can be shared outside the organization’s domain with 3rd party writers, vendors and others. This posed a risk of sharing sensitive information outside the domain, which needed to be mitigated.

AMAG Pharmaceuticals, a publicly traded biopharmaceutical company, was one of the first in its industry to adopt cloud services and migrate to Google Apps. However, this move presented a new set of challenges. As a publicly traded pharmaceutical company, AMAG had to comply with SOX and FDA regulations while also protecting the company’s intellectual property. With the adoption of Google Apps and the creation and storage of documents in Google Docs, the IT team at AMAG recognized a need for a solution that would provide visibility into user adoption, document growth, document classification, and control and visibility of document exposure to address compliance and governance requirements.

Teach For America, a national corps of top college graduates and professionals who commit to teach for two years in urban and rural public schools, faced a challenge during their intensive summer training program. The program, which involves approximately 5,800 first-year teachers, required a solution that allowed for collaboration, homework completion, and document access anywhere and anytime. The challenge was particularly pronounced when it came to sharing documents externally during this training time. Although Teach For America has a limited number of laptops and workstations, most teachers choose to bring their own device to the summer training program, thus requiring the team to find a solution that is secure, externally shareable, and accessible. Additionally, after the summer training institute and every year when staff transition, Teach For America needs to audit hundreds of accounts to ensure that documents and sites remain secure.

Bay Cove Human Services, a not-for-profit organization, was facing challenges with the Google Apps ecosystem. While the online productivity suite was beneficial for messaging and collaboration among employees and external contractors, the freedom for end users to install and use 3rd party applications posed IT challenges. These included having complete visibility into all applications that are granted access to the domain, ensuring that 3rd party apps comply with the organization’s Approved Applications Policy, and classifying apps based on their risk profile. Many 3rd party applications ask for Google Apps domain permissions to be granted as part of their installation. This created exposure for end users and for the entire company’s domain, and created the potential for being taken advantage of by these applications, as well as by privileged users of the vendors behind them.

OSDE, one of Argentina’s leading healthcare providers, delivers high-quality healthcare to 2.2 million members across the country’s 23 provinces. In support of its mission to deliver top-quality healthcare to patients at its 400+ facilities, OSDE began in 2012 a system-wide migration to cloud-based G Suite (formerly Google Apps). While the move enabled better collaboration, it also meant increased sharing of highly sensitive personal data. Against the backdrop of healthcare’s intensifying ransomware crisis, OSDE sought a solution to offset the risk represented by a proliferation of mobile apps designed to interact with corporate accounts. The need to visualize the organization’s information flow—mapping what data is being shared with whom—led OSDE to consider a cloud access security broker (CASB).

The Oakland Unified School District (OUSD) aspires to “focus on high academic achievement while serving the whole child, eliminating inequity.” They recognized cloud technologies as the means to make their vision a reality. However, when looking to adopt cloud applications, OUSD faced four primary cloud cybersecurity challenges: Compliance and Student Privacy Protection, Inappropriate Behavior and Cyberbullying, Suspicious User Behavior and Security Breaches, and Cloud Malware. They needed to protect a high volume of sensitive data, as dictated by a range of compliance regulations, and ensure students are not using digital platforms to engage in inappropriate activities. They also wanted to ensure any potentially anomalous behavior was rapidly identified and addressed.

Rhapsody Property Management Services, a premier multifamily property management firm in Canada, was looking for an integrated access control system that was easy to use, reliable, and secure for their Central Parc property. The property, located in Laval, Quebec, is comprised of six buildings and a community center, offering residents an array of amenities and a beautiful one-acre park with an off-leash dog area. The challenge was to provide one-key access for residents that was easily maintained and reliable. The system needed to be scalable for future growth and versatile enough to complement any decor.

California Vacation Villas (CVV) is a full-service leasing and property management company that specializes in short-term vacation rentals. It manages a 70-unit inventory in Southern California’s beach and low desert resort areas. The company’s desert properties are subject to high temperatures. Therefore, these units often have high utility costs from frequent air conditioner use. CVV’s beach properties are exposed to salt air and beachfront weather conditions, which may lead to corrosion. Further, company President Quinn Tamm, knew that operators who use metal keys in lock boxes for guest and vendor access had concerns about lost keys and unauthorized duplication. He became interested in the growing “connected home” technology movement and its benefits for temperature control, security monitoring, and overall guest convenience. Tamm wanted to work with his owners to implement a technology solution that would make its units more secure with flexible, convenient guest access, and guarantee a long-lasting product life. He also wanted to install networked energy management controls that would monitor and reduce unnecessary power use.

Brindley Beach Vacations and Sales manages over 600 properties, many of which are located in remote areas near the Atlantic Ocean. These properties are exposed to the corrosive effects of salt spray and blowing sand, which can cause issues with the vacation rental locks. The company needed to ensure that their locks were in reliable operating condition to reduce the time their maintenance team spent responding to guest access issues. Additionally, several property owners wanted to lower their energy costs with smart thermostats, prompting Brindley to offer a 'connected home' environment to monitor and control energy usage. The company evaluated vacation rental access locks from leading providers to upgrade their existing units. They wanted secure, flexible keyless locks that could communicate wirelessly and were compatible with a remote monitoring system.

Greenville Technical College (GTC) is a part of the South Carolina Technical Education System, providing affordable, quality education to residents throughout the state. As part of its commitment to provide up-to-date educational opportunities for area residents, GTC opened its Northwest Campus, a 110,000 sq ft, state-of-the-art high-tech facility. The challenge was to ensure safety, security, accessibility, and durability for the doorways of the Northwest Campus while maintaining aesthetic compatibility with the facility’s design.

The rapidly growing community of Oak Creek, south of Milwaukee, Wisconsin, faced the challenge of meeting the educational needs of its increasing number of K-12 students. The population had increased nearly 70% in twenty years, necessitating the construction of a new school. The $24 million, 180,000 sq ft East Middle School was designed to accommodate 1,000 students. However, the constant movement of energetic preteens put a heavy demand on both internal and external doorways throughout the school, requiring a robust and reliable solution.

4-County Cooperative includes a main office and five district offices spread out across 9 counties in Mississippi. Field teams rely on Internet connections to access the utility’s core work order system that creates efficient work scheduling around events such as storm repair. Workers are armed with Windows 7 laptops and Windows software. Relying on a cellular connection to access work applications, the laptops would often be unable to connect due to poor network coverage, bringing work order progress to a halt. Some linemen grew so frustrated that they abandoned their crippled laptops, resorting to pen and paper until they had time to open an IT ticket. Faced with unhappy employees and a system that often could not serve its intended purpose, Critcher and his team realized they needed a more reliable approach to keeping teams connected to the Internet while in the field.

Cox Communications, a major cable provider in the U.S., was facing challenges with its field service communications. The company's 3,500 field-service technicians handle over six million work orders annually. However, these technicians were having difficulty connecting remotely to their work order management system, leading to delays in service. The company noticed that a significant amount of time was being spent on establishing a connection relative to work orders. Field staff were also frequently contacting the back office to gather customer information when a connection could not be made.

Heinen & Hopman, a maritime-industry specialist, was facing a challenge with their fitters who were struggling with connection problems at the work sites. The fitters use mobile phones, laptops, and tablets every day to do their jobs. They need a stable, reliable, and secure internet connection to be able to use applications, such as 3D visualisations of the ships that they are working on. Since the fitters mainly do their work in shipyards and other remote sites, they often had to deal with poor internet connections and regularly experienced connection drops. Reestablishing a connection is easy for an IT consultant to do, but it is a time-consuming chore for a project manager or fitter. Having to repeatedly re-establish VPN connections meant that they lost a lot of time and meanwhile, they couldn’t access the up-to-date, essential information they needed. For a time, workers tried carrying static versions of the drawings on their laptops for use on-site, but without a reliable connection and synchronisation the drawings were obsolete.