"Our infrastructure is huge but we’re
only as strong as the weakest link: Each asset across the network is
important and we need to ensure we secure every single element,"
described Bonifacio. To address the challenge of extending protection
to each of its more than 10,000 endpoints, Globe deployed FireEye
Endpoint Security (HX series). HX assesses activities to identify
exploits at onsite and remote locations, making it possible to
immediately isolate compromised devices to stop attacks — all with a
single click. Bonifacio continued. "Every endpoint counts and HX
gives us the ability to instantly confine a threat and investigate the
incident without risking further infection."
The FireEye Email Threat Prevention Cloud
(ETP) secures what is typically one of the most vulnerable attack
vectors: Email-based attacks, in particular spear phishing, remain one
of the favored methods of launching advanced persistent threats (APTs)
due to the complexity involved in detecting them. ETP is a SaaS
solution that protects mailboxes against advanced email attacks and
provides anti-spam and antivirus software capabilities. ETP seamlessly
integrates with the FireEye NX platform to defend against blended
attacks that attempt to exploit multiple threat vectors. Bonifacio
noted, "ETP is a key component in our layered defense strategy
and as it’s specifically tailored for cloud-based environments it is
the perfect fit with our Google email system."
Globe utilizes the FireEye Central
Management (CM) series to consolidate device and intelligence
management, enabling the correlation of threat data across all of its
Being reactive and proactive
Bonifacio is very confident in the
effectiveness of the security solutions he has implemented but feels
that this is only half of the challenge: "We have to protect
everything across the entire environment; however attackers only have
to find one tiny weakness. There is an inevitability that breaches
will occur and I believe once you’ve done due diligence in securing
your infrastructure, what’s then most important is how you actually
react when you are compromised.
"We have implemented world class
defenses," he stated, "but if a breach does occur we don’t
try to hide it. We report every violation to our executive team. Being
breached is most definitely not an indication that we failed; for me
it’s how we handle the incident — and what we learn from it — that
determines success or failure."
Although placing an emphasis on
prevention, to fully deliver on his strategy, Bonifacio has invested
in additional services from FireEye’s Mandiant team to complement his
implementation of FireEye CM, NX, and ETP solutions.