X

Davies Turner, a leading multimodal freight forwarding group in the UK, faced several challenges with its existing security solution. The nature of their business required employees to regularly use the web for work-related tasks, which posed a risk to the network. The company had different user requirements across several offices, necessitating a customizable solution. The HR team also needed increased insight and reporting on time spent online. The existing solution was not user-friendly and could not provide the depth of information needed as the company grew.

AUSL Modena, a public healthcare organization in Italy, was facing challenges in detecting and preventing advanced threats that reach their target by web and email. The spread of viruses and ransomware like cryptolocker was a significant concern. The organization needed to change its web and email security strategy to better manage the appropriate channels and focus more on end-users and less on terminals. AUSL Modena also needed to integrate with the nearby Modena University Hospital and its 3,000 workstations.

The Center for Army Analysis (CAA) was working with an infrastructure in which access to all Command, Control, Communications, Computers and Information Management (C4I) networks required each user to have four separate workstations and a Black Box KVM switch at their workspace. This resulted in duplication of hardware and massive power consumption. Another problem that CAA faced was a severe time degradation in moving classified information across multiple networks. This prevented the execution of critical Global War on Terror and warfighting analyses.

The Department of Defence in Australia was faced with the challenge of modernising its heavily distributed ICT networks, which were providing declining IT service and flexibility. This required a full-scale consolidation across the department's data centres, computer rooms, and desktops. The goal was to create a Single Information Environment (SIE) to improve and strengthen infrastructure and maintenance services, while reducing operational costs. The desktop portion of this project, referred to as the Next Generation Desktop (NGD), aimed to provide streamlined desktop and application access to approximately 100,000 users, with 15% of those users requiring simultaneous access to multiple networks.

KPIT, a technology company focused on creating domain-intensive products and solutions, needed a web security solution that could manage the web and protect its network. Previously, the company used squid-based proxy servers and manually updated policies. However, the effectiveness of these policies was largely dependent on the knowledge and skill-base of the security administrators. With the dynamic nature of web content, KPIT realized that reactive web filtering measures were insufficient. The company needed a solution that could offer real-time protection and automatically block web threats and malicious sites as they are identified.

Copa Airlines was facing a challenge in providing better protection for its roaming users and distributed offices. The company was in need of a solution that could offer a full-featured policy set. Prior to choosing Forcepoint Secure Web Gateway, Copa Airlines evaluated other vendors including Zscaler and McAfee. The company was looking for a solution that offered efficacy, deployment flexibility, and ease of management.

The Chilean bank, which primarily caters to high net worth individuals and corporations, decided to get proactive about bolstering its cybersecurity and data loss prevention posture in the wake of 2018’s high-profile cyberattacks targeting Latin American banks. The bank was not affected by these attacks, but the incidents spurred the Chilean government to begin drafting legislation that will require Chile’s banks to comply with certain cybersecurity measures, including data loss prevention. The bank decided to get ahead of the curve to better protect clients and itself, instead of waiting for government regulations to take effect. The bank has been transitioning to the cloud to support remote bank employees and account managers who meet premier clients in their own environments. The bank needs its security solutions to both adhere to coming government data protection legislation and to safeguard the usage of cloud applications and service providers.

A global logistics provider was seeking an alternative to their multi-protocol label switching (MPLS) service. The customer wanted to boost the productivity of their workforce and lower costs by migrating applications to the cloud; however, doing so would create a large amount of additional traffic that would have to be backhauled to the data centers. This would inevitably cause latency and a subpar user experience. Adding additional MPLS lines would take months to implement and would be a costly solution, especially when considering the vast number of locations. At the same time, the customer’s aging network security devices were unable to provide substantial visibility into their highly distributed network. With warehouses and data centers spanning the globe—most of them without an on-site technical team—any new network security deployments would have to support centralized management, provide detailed insights into what was happening on their networks, and offer robust reporting capabilities. As one of the world’s largest logistics companies, the customer required the very best in security efficacy to maintain business continuity and to continue honoring commitments they had made to their clients.

Pegasus Airlines, a leading low-cost airline in Turkey, faced challenges in maintaining regulatory compliance due to the vast amount of customer data it collects and stores. The company also supports workforce productivity by allowing their employees to work from anywhere using personal devices to access email and browse the web. This created a challenge in upholding the mandates of the General Data Protection Regulation (GDPR), which has strict penalties for companies that cannot quickly identify, report, and respond to data loss incidents.

This multi-billion dollar bank needed a vendor that could help protect corporate assets and customer information against internal threats in a unique technology environment. At the recommendation of an external audit, the bank sought a unified solution with embedded data loss prevention (DLP) within the web and email gateways to protect against risky employee behavior.

BSE, Asia’s first stock exchange, houses highly sensitive, critical corporate and trading data belonging to over 5,500 corporate houses listed on the exchange. It is one of India’s most critical infrastructures, and it is their responsibility to ensure the security and integrity of this sensitive data. They needed to maintain stringent, around-the-clock monitoring to secure the data from any possible internal or external threats. In an attempt to strengthen its security posture, BSE underwent a complete revamp of all its cybersecurity systems, opting to replace its existing security products with new, cutting-edge technology solutions, including for DLP, which is an integral part of BSE’s overall security strategy. BSE wanted a comprehensive solution that covered endpoint, network and e-mail.

The Aosta Valley region, a Special Statute Region in Italy with a population of just under 130,000 people, faced a common problem for public and private companies, especially one as large as itself - securing web navigation. The region needed to define policies that supported a high level of security while preserving employee productivity. The spread of social networks, the e-commerce boom, and the concurrent availability of internet access on all workstations created a need for a cyber intervention. As a result, the region viewed web protection to be a priority, in order to manage and regulate web access based on content and source. The region decided to integrate its existing firewall with a web security component.

The company was dealing with underperforming and inflexible web and email security solutions, which were generating an average of 350 incidents each week, including false positives, that required staff time to investigate. This created a significant management burden for the company’s IT Infrastructure division. The company needed a new solution that could reduce the number of necessary investigations through better efficacy, thereby generating fewer false positives. In addition, centralized management and reporting capabilities would make investigations more efficient and reduce staffing needs. The company also needed a solution that could support their future challenges of moving to the cloud.

Nous Infosystems, a Global 500 company in the banking industry, was facing several business challenges that led them to evaluate and ultimately select Forcepoint DLP. They had disparate DLP policies that left holes in their security posture, leading to data exfiltration that left their organization exposed. Additionally, they were struggling with their ability to control and manage data that’s subject to regulation.

Huisman is a globally operating company with extensive experience in the engineering and manufacturing of heavy construction equipment. The company develops and manufactures cranes, pipelay systems, drilling equipment, winches, vessel designs and special products. In addition to oil and gas, Huisman focuses on renewables, leisure and civil industries. In view of its international presence, safe and secure communication between offices is key to Huisman’s success. That is why the company selected Forcepoint’s web and email security solutions to protect internal systems against malware and data leaks. Huisman is a high-tech company with a lot of intellectual property in the field of engineering. Therefore, it needs a high-quality security platform that offers ultimate protection, ease-of-use and ease-of-management.

The financial institution, being part of a global financial group and one of the world's largest banks, had to meet strict requirements for data security compliance. It was under intense scrutiny from customers, regulators, and shareholders. The institution needed a robust solution to protect its network from advanced, multi-stage threats. During the Proof of Concept (PoC), Forcepoint detected several of these threats in real time. The successful PoC was one of the deciding factors for the bank in choosing Forcepoint.

The company stores a variety of valuable data: internal patents, intellectual property (IP), merger and acquisition data, machine schematics, and geological data like potential drill sites. Many of those with access to this sensitive data are temporary contractors, employed for only a brief period of time. Understanding the higher risk that accompanies shorter-term employees, company leaders brought in third-party analysts to do an assessment of insider threat risk. Analysts found that data was indeed leaving the company, and that nearly half of the data loss incidents were directly related to the actions of negligent or malicious insiders. Upon hearing the results, company leaders authorized the creation of an internal insider threat task force.

IGATE, a global leader in providing integrated technology and operations-based solutions, faced a significant data security challenge. The company needed to extend its corporate network to a sizable list of globally distributed subsidiary companies, ensuring one uniform policy. The challenge was particularly acute when a user worked out of a remote office or traveled to a remote location. IGATE wanted the same policies to be consistent throughout the company’s entire extended corporate network. The company had experienced an incident involving data leakage when an employee logged into the corporate network from a remote computer and sent unwanted emails to a customer. IGATE needed to take a position where the company could protect corporate data and protect the user while, at the same time, ensuring that the proper policies were in place.

UCI, a financial institution that provides mortgages to homebuyers in four European countries, faced the challenge of safeguarding sensitive personal and financial data of its customers. With the advent of new GDPR regulations, the need to protect this data became even more critical. The institution needed to ensure safe and efficient connectivity across devices and locations. The challenge was to deploy a solution that could minimize security risks, reduce manual solution management, and integrate into UCI’s existing SIEM systems to help detect company policy infractions.

Southern Communications, a provider of mission-critical infrastructure as a service (IaaS) for medium to large scale enterprises, was facing a challenge with their signature product, Smart-Connect. As broadband lines improved, leased lines became more affordable, and new technologies became available, the customer desired an alternative solution that could support larger enterprise customers. Managed services are a commoditized market, and Southern Communications needed a way to differentiate their offering from its competitors. The new solution needed to support a wide range of connectivity options, allow for redundancy at each site, have the ability to assign priority to business-critical application traffic, provide visualization tools and reports, offer next-generation security, and have centralized management.

The Freedom of Information Act (FOIA) has been a gateway for Americans to access data and knowledge maintained by government agencies since the 1960s. However, the system has become a victim of its own success, with over 550,000 requests annually, overwhelming the fifteen U.S. departments and agencies that receive 90 percent of all such requests. The departments were struggling with the timeliness of their responses, effectiveness of their communications and facilitation of information flow to citizens. One department, which received more than 22,000 FOIA requests in fiscal year 2012, was spending an average of 33 days to respond to a request, with 22 of those days devoted to locating the required data. The department was seeking a solution to enhance its search capabilities and reduce response time.

Rösler, a leading player in the mechanical surface finishing sector, was facing challenges with its IT security. The company had been using several firewall systems in its branches, all of which had to be separately managed and maintained. This made determining the IT security status of the entire network either rarely possible or extremely time-consuming. Tasks like updates or the securing of individual firewalls were also very time-consuming. Most firewalls in the individual branches could not be regularly monitored due to time constraints. This meant that settings and administrative activities were not being monitored on an ongoing basis, daily compliance checks were not being carried out, and configuration errors and potential security risks were not immediately being noticed. It was therefore imperative for the IT department to improve network transparency and to guarantee the simplest possible management process.

AudioNova, a large provider of hearing aids in Europe, was facing challenges due to its rapid growth and expansion to over 1,200 stores throughout Europe. The company had multiple solutions for web and email security on-premises in different regions and locations. This made it challenging for the small IT department to manage security efficiently from the headquarters in Rotterdam. The disparate set of security products was not meeting the company's needs, and a more comprehensive solution was required.

Khaitan & Co, one of India’s oldest and largest full-service law firms, is the appointed custodian of all its client data in digital format. This includes sensitive documents such as contracts, bonds, and stocks. The firm's survival depends on its ability to protect this client data from falling into unauthorized hands. However, with no security solution in place, the firm lacked visibility and control over its critical data. The data flow within the organization, as well as email accounts from external third parties, couldn’t be effectively monitored and guarded. Unchecked and unauthorized USB/flash devices, printers, and cloud applications also presented a major security risk. The firm needed a solution that could help identify potential sources and points of data loss, and secure them effectively without interrupting normal business operations.

Transnational criminals launder billions of dollars in illegal proceeds every year. In the Southwest Border affected areas, over half a million humans are smuggled and prescription drugs, illegal drugs and intellectual property are stolen. Law enforcement agencies have been challenged to process and analyze an overwhelming amount of data that pertains to these operations. Parsing and finding the incriminating data in a vast sea of constantly expanding data sources became extremely difficult, as the sheer volume of transaction data far exceeded the capability and volume capacity of typical database software. Due to the limitations and restrictions of the technology, transaction volume became the enemy, and it became harder and harder to detect money laundering patterns across the financial industry. A simple query involving multiple names, addresses or telephone numbers, for example, took hours or days to complete. Enforcement agencies were forced to invest a great deal of time searching through databases, sometimes containing millions of records each, for the suspicious activity they knew lurked among the data. In this timeframe, it was difficult to conceptualize money laundering patterns while remaining a few steps behind the criminals themselves.

The Pacific Air Forces (PACAF) and the 353d Combat Training Squadron (353d CTS) operate and manage the premiere joint combat training venue – RED FLAG-Alaska (RF-A). RF-A exercises are held at the Joint Pacific Alaska Range Complex (JPARC) at Eielson Air Force Base and Joint Base Elmendorf-Richardson. JPARC is the largest instrumented air, ground, and electronic combat training range in the world. With multiple joint and coalition forces exercises per year, RF-A provides relevant and real-world air and ground combat scenarios with realistic threats and targets. As many as 90 aircraft and 2,000 personnel participate in the RF-A tactical exercises that cover 66,000 square miles of training airspace and 1.6 million acres of often-rugged land in the joint Air Force/Army-managed JPARC. The JPARC encompasses more than $200 million worth of equipment and instrumentation to support warfighter training exercises. In addition to size and cost, PACAF has the added responsibility to ensure that sensitive data is not accessed or leaked to unauthorized parties or systems – especially critical when training multinational coalition forces. To provide the most realistic training for the warfighter, which includes multiple nations and clearance levels, a cross domain solution was needed. To best support the required live, virtual, and constructive (LVC) aspects of the joint training, this cross domain solution had to be near-real time, support a flexible protocol, and be able to obtain an authority to connect (ATC) at the Secret and Below Interoperability (SABI) level.

Fondazione IRCCS Istituto Nazionale dei Tumori (INT) was spending a large majority of its time completing security-related tasks manually. It also required flexible protection against all risks and malicious software. These are classic security issues for both private and public companies, and these issues will always need to be approached by management in the most innovative way. For INT, threat protection is an essential aspect of that challenge. Bellazzi mentioned “browsing on the move” as his security platform requirement. At its core, this is protecting a mobile workforce on all endpoints. Mobile employees are going to leave the on-premises network at some point. Knowing that, it is crucial for any company to keep its same protocols unified across all endpoints, on-premises or remote.

The regional healthcare provider serves millions of patients across seven social-health districts and four hospitals in Italy. As it continues to modernize its IT environment by providing better access to information and incorporating more connected medical devices, its growing cyberattack surface creates new potential entry points for viruses and ransomware—a challenge further complicated by the system’s size and complexity. The organization had already suffered the impact of an environment that wasn’t secure enough when it fell victim to a cryptolocker attack. Its existing proxy server solution for web browsing and email spam-blocking left it vulnerable to system-crippling attacks.

One of Danieli’s key challenges was protecting its intellectual property, specifically its designs for machinery and industrial plants. Moreover, as a public company, Danieli was concerned with protecting its corporate image while providing protection against a quickly evolving and adapting threat landscape. Additionally, the company was looking for a solution that would easily extend the same level of security across all locations with the ability to manage everything from one centralized and unified console. The leadership team realized the need for a Data Loss Prevention (DLP) solution — a solution that would solve all of these issues. The importance of security in other internal company departments was not always at the forefront of people’s minds. Many people have the perception that security is not a priority until after a breach has occurred. The introduction of a DLP solution highlights the significance of handling data that could jeopardize the company if it were in the wrong hands.

The National Union of Socialist Mutual Health Insurance Funds (SocMut) in Belgium was facing challenges with its on-site email security. The previous solution was implemented locally and required extensive management attention. As users pressed for more flexibility, their demands were met by more and more ad-hoc solutions that stretched management time even further. The organization was increasingly limited by its on-site email security. The criteria for a new solution included cost, security, management, and the knowledge and expertise of the supplier.