BDO Digital’s security managed services provide 24x7 security monitoring
A distributed enterprise model is inherently more difficult to secure compared to a centralized model where all employees are located under a single headquarters site.
When it comes to centralized large headquarters sites, it's possible to secure them with traditional methods using one powerful firewall, and the need for features such as software-defined WAN (SD-WAN) or a security fabric is less critical. For this manufacturing company, where the workforce was distributed, a different approach was needed.
Uncovering the Gaps with In-Depth Security Assessment
Rather than leaving the fate of their business to chance, the company engaged with BDO Digital to conduct an in-depth security assessment to uncover risks and help them make more informed investments in protecting their data.
As an outcome of the security assessment, BDO Digital found the customer needed SD-WAN features in addition to security and the FortiGate firewalls they were set to deliver. Each site had an MPLS and basic Internet connection. By deploying SD-WAN, each site could have greater resilience and a highly available connection back to the HQ datacenter and the cloud.
Best Performance per Dollar
Fortinet solved the distributed enterprise problem gracefully. Each individual firewall provided the best performance per dollar compared to any firewall on the market due to its proprietary ASIC (hardware chip) technology. The small branch office model could support essentially all of the security features of a larger model. This allowed the company to deploy lower-end models to remote sites, significantly reducing the hardware cost for each site. This also allowed the manufacturing company to focus its budget on licensing and implementing the latest security features.
Use Fortinet Security Fabrics to Protect the Enterprise
The manufacturing company also needed a solution to help prevent and block zero-day malware. This is malware that is typically new in the wild and less than 24 hours old.
In addition to the FortiGate firewalls, BDO Digital deployed the FortiSandbox solution as part of the Fortinet Security Fabric. The FortiGate firewalls forward all unknown files to this solution. The FortiSandbox can then execute files in an isolated environment that mimics client systems such as Windows 10. It looks for signs of suspicious or malicious activity.
For example, if a file tries to “phone home” to a known botnet, it is marked as High Risk or Malicious. The signature of this file is then reported back to all Fortinet firewalls. If the file enters the network again on any firewall, it is immediately blocked by the anti-virus (AV) component in real time.
Since the company is publicly traded, they are bound by SOX compliance. As such, they needed a solution to retain all types of firewall system and security logs for up to 1 year. FortiAnalyzer is a logging solution that can centralize all logs into a single system. The built-in database and reporting system made it feasible for the company to highlight risk events, find a “needle in a haystack,” or easily fulfill audit requests.
BDO Digital's Managed Threat Defense
The customer also needed monthly reports that summarized all information based on risk. To do this, BDO Digital took the logging and reporting capabilities of the FortiAnalyzer to the next level as part of the full managed firewall security service, also known as “Managed Threat Defense.”
In addition to responding to system and security events 24x7 with a dedicated NOC team, the Managed Threat Defense services also included monthly reporting and risk analysis. BDO Digital did not simply use the canned reports since they can be a challenge when it comes to assessing risk to the organization.
From there, BDO Digital gathered the most important information and reported on known risks and trends that could lead to high or critical risks to the organization. By leveraging the features of the Fortinet solution as well as BDO Digital’s reporting, the company had much greater visibility into the security risks on their network.
They immediately started to see surprising and previously unknown security risks, such as the use of BitTorrent software and unencrypted FTP. Malware on infected personal mobile devices and contractor laptops on their internal trusted networks was also found. All malicious activity was blocked from Day 1.
Solid Governance Ensures a Secure Solution
The solution provided a uniform platform that finally allowed for the rollout of IT governance and standards. This was a major gap found in the security assessment.
After deployment, the company worked with BDO Digital to further define standards for firewall rules, security profile configurations and admin logins using Active Directory accounts. This reduced the guesswork for the local site IT teams when it came to firewall administration and management.
Have you made, or are you starting to make, the transition to a modern next-gen firewall platform? Contact BDO Digital to discuss your unique needs and establish a security roadmap and strategy that addresses your cybersecurity needs.