BeyondTrust Case Studies SecureIIS Protects Iowa Department for the Blind from Worms and other Threats
Edit This Case Study Record
BeyondTrust Logo

SecureIIS Protects Iowa Department for the Blind from Worms and other Threats

Cybersecurity & Privacy - Application Security
Cybersecurity Services
The Iowa Department for the Blind had its main website defaced several years ago, disrupting its services to the blind and visually impaired citizens. The department realized the need for a security solution that could protect against both known and unknown threats. Additionally, the solution had to ensure high performance of the department's range of web applications without causing intrusive security that could undermine the department's goal of accessibility. The department serves approximately 7,000 blind or visually impaired Iowans, offering a variety of services, including library, vocational rehabilitation, independent living services and public education, as well as adjustment and orientation services for the newly blind. Therefore, any disruption to these services was unacceptable.
Read More
The Iowa Department for the Blind is a state-supported department that serves approximately 7,000 blind or visually impaired Iowans. The department offers a variety of services, including library, vocational rehabilitation, independent living services and public education, as well as adjustment and orientation services for the newly blind. The department is headquartered in Des Moines and has district offices in Cedar Rapids and Cedar Falls. It employs approximately 95 people and also has a large network of volunteers who provide services such as transcribing texts into Braille or reading books onto audiotapes. The department is a one-stop shop that provides all the services blind persons need to live independently and work competitively.
Read More
The department chose BeyondTrust’s SecureIIS web server security solution. SecureIIS delivers integrated multi-layered Windows server protection. By integrating with the Microsoft IIS platform as an ISAPI filter, SecureIIS works at the application layer, protecting against known and unknown exploits, zero-day attacks, and unauthorized Web access. SecureIIS operates within Microsoft IIS to actively inspect all incoming requests at each stage of data processing. This allows the technology to prevent potentially damaging network traffic from penetrating servers and compromising web-based applications, whether the traffic is encrypted or unencrypted. SecureIIS inspects requests as they come in from the network layer, as they are passed up to the kernel, and at every level of processing in between. If at any point SecureIIS detects a possible attack, it can take over and prevent unauthorized access and/or damage to the web server and host applications.
Read More
SecureIIS has successfully protected the department's website from various threats, such as Blaster, Code Red and Nimda.
SecureIIS has a feature that alerts the department if someone tries to access a page that no longer exists or has been moved. This feature has helped the department to meet the needs of the people they serve by allowing them to contact the person directly and direct them to the new page.
SecureIIS is easy to administer and allows for customization. The department has instituted a new policy that when a new application is developed, it has to be designed to be compatible with SecureIIS.
Avoided downtime and recovery costs of more than $20,000 for each worm attack.
Successfully blocked numerous worm attacks, including Nimda and Blaster.
Download PDF Version
test test