For the last few weeks, we’ve been looking at customer success stories with one thing in common: a large environment with multiple touch-points, all very difficult to protect. If there is a theme that can be gleaned from all of this, it’s that siloed security will not win the day. In order to truly protect the full environment, a connected, integrated architecture is key.
Our latest highlighted Intel Security customer is a global manufacturing company with more than 100,000 endpoints and 200 locations around the world, including three data centers. The IT environment consists of many different flavors of Windows desktops and servers as well as Mac OS and Linux platforms. Like many large, multinational enterprises, the company states that the biggest threats to its critical data originate from IP sources.
The company manages this complex environment through its Information Security Risk and Compliance group, a multidisciplinary team consisting of endpoint security, a security operations center, a vulnerability manager, and risk/compliance. According to the company’s desktop endpoint security manager, the group’s mission goes far beyond network and data security to provide businesses, customers, suppliers, and shareholders with high business value and assurance that the company’s information assets are being protected.
To consolidate and strengthen security throughout the company, the group has adopted a comprehensive suite of Intel Security products. At the heart of the solution is McAfee ePO, which provides a centralized console for the company to manage the entire environment and integrate each security component. The integrated McAfee security solutions include MOVE AV, VirusScan Enterprise, Host Intrusion Prevention for Server, Drive Encryption, File and Removable Media Protection, Global Threat Intelligence, Threat Intelligence Exchange, and Application Control. The company has a unique software licensing agreement with Intel Security that enables it to pilot and test various solutions prior to integration into the deployed mix, and also to reallocate licenses.
With Intel Security solutions, the company’s security team is able to spend its time adapting the environment as needs change, rather than having to be in constant reactive mode to mitigate security events. To give an example, McAfee Global Threat Intelligence uses Threat Intelligence Exchange to automatically block known bad or stolen certificates from running in the environment. From the centralized ePO management console, the team can easily implement global policies to prevent isolated events from spreading across the organization.
The team is able to focus on testing and deploying new products and upgrades, applying correct policies, and maximizing endpoint security with minimal user impact. McAfee Active Response, a comprehensive endpoint detection and response tool, gives the team the ability to remotely troubleshoot workstations without having to remotely connect, and without requiring admin rights. “This is a big win for us – we don’t have to open a ticket with local support and then deal with the time lag associated with that,” the manager says.