Limited Resources Constrain Coverage
Because the foundation encourages exploration and personal discovery,
its IT infrastructure frequently experienced malware infections,
typically initiated by unsuspecting users clicking on a link or
attachment in an email. Individual computers were regularly victims of
ransomware attacks, and the foundation also faced drive-by downloads.
When a resident or staff member
recognized that a cyber attack was taking place, they were asked to
use the foundation’s IT hotline to report the issue. As this often
happened outside of the team’s standard working hours, malware
frequently had the opportunity to establish itself and attempt to
broaden its attack. Even when an attack was detected quickly, it was
not uncommon for systems to be down for up to three days.
Berensmann recalled: “Our modestly sized
team was repeatedly stretched in trying to manage these kinds of
incidents. It became very apparent that our signature-based protection
was not sufficient and that we needed to be able to identify unknown
threats in real time. At the end of the day, it is always about
finding the absolute best way to keep our residents secure.”
Multiple Recommendations for FireEye
Berensmann and his team researched the
market and consulted with their professional network. “As one of the
most vulnerable and most exploited threat vectors, we knew we wanted
to start by securing our email traffic. Almost everyone we asked
recommended FireEye Email Security,” he said.
“We worked with two of our IT partners to
evaluate the FireEye solution and it scored extremely highly. The
automated detection and remediation capabilities definitely checked
the boxes for being low maintenance and being able to provide
continuous protection around the clock.”