Challenge
- Provide consistent, flexible, and scalable security to multiple locations, large and small, across North America
- Identify a vendor that could provide compatible and complete protection for a 100% cloud-enabled organization
- Defend valuable intellectual property and other vital corporate data residing in the cloud against ransomware and advanced malware attacks
- Ensure that all users—regardless of location—are productive and safe, while the IT team enjoys continual visibility across the entire technology infrastructure
- Maintain a diligent security strategy while maximizing finite IT resources
Solution
- Sophos Synchronized Security
- Sophos Intercept X Advanced with EDR
- Sophos Intercept X Advanced for Server
- Sophos Central Web Protection Advanced
- Sophos Central Device Encryption
- Sophos RED (Remote Ethernet Device)
- Sophos XG Firewall
- Sophos Technical Account Manager (TAM)
Result
1- Provide consistent, flexible, and scalable security to multiple locations, large and small, across North America:
- Consider adopting a unified security framework that can be scaled to accommodate different locations.
- Implement network segmentation to isolate and protect critical assets.
- Use cloud-based security solutions that can adapt to the needs of different locations.
2- Identify a vendor that could provide compatible and complete protection for a 100% cloud-enabled organization:
- Research and evaluate cloud security vendors that offer comprehensive solutions.
- Ensure that the vendor’s offerings align with the organization’s cloud infrastructure and compliance requirements.
- Seek references and reviews from other organizations that have similar cloud security needs.
3- Defend valuable intellectual property and other vital corporate data residing in the cloud against ransomware and advanced malware attacks:
- Implement a multi-layered security strategy that includes endpoint security, network monitoring, and data encryption.
- Regularly update and patch all software and systems to mitigate vulnerabilities.
- Educate employees on cybersecurity best practices to reduce the risk of social engineering attacks.
4- Ensure that all users—regardless of location—are productive and safe, while the IT team enjoys continual visibility across the entire technology infrastructure:
- Implement a remote access solution that provides secure access to resources for remote users.
- Utilize endpoint detection and response (EDR) tools for real-time visibility into network activity.
- Invest in a robust monitoring and incident response system to detect and respond to threats quickly.
5- Maintain a diligent security strategy while maximizing finite IT resources:
- Prioritize security investments based on risk assessment and critical assets.
- Consider outsourcing security services or using managed security service providers (MSSPs) to leverage expertise.
- Automate security tasks and processes to reduce the workload on IT staff.
What role does security play in a cloud-first corporate environment?
At the forefront of technology trends, Del Monte leveraged the cloud and centralized management capabilities to support its business needs and technical requirements. While this strategy has been extremely beneficial for increasing the organization’s agility, it has also made the IT team highly security conscious and proactive about protecting endpoints, the network, and sensitive corporate data, such as its valuable intellectual property, which resides on external cloud platforms.
For Balsley and his team, security is always a balancing act. “We’re not a technology company, but, similar to most other organizations, we rely heavily on technology to run our core business. Any disruption that prevents someone from doing their job efficiently is an immense problem,” he says. “On the IT side, we evaluate solutions incredibly carefully before we deploy them. We are continually asking ourselves whether those solutions are truly beneficial to the organization or whether they will create problems that interfere with productivity.”
Del Monte needed a vendor that would meld seamlessly with its cloud-first strategy, provide transparent protection for its diverse user base across multiple locations, and enable the IT team to fulfill its rigorous security requirements.
How does an organization with multiple offices and mobile workers protect its valuable IP and assets?
The IT team was well aware that Del Monte’s valuable research and intellectual property (IP) made it a target of choice for adversaries. They knew that attacks could potentially put Del Monte’s vital corporate data at risk and result in business downtime. Balsley and his team made the decision to adopt Sophos when the company was hit with a series of advanced malware and CryptoLocker ransomware attacks, which the legacy endpoint solution was unable to block.
Balsley and his team first deployed Sophos Central Endpoint Protection. The solution provides Del Monte with a broad spectrum of endpoint protection: signatureless malware detection, host intrusion prevention, category-based web filtering—enforced both on and off the corporate network—application control, peripheral control to manage access to removable media and mobile devices, and data loss prevention to restrict unauthorized data flow. The centralized cloud-based management console is intuitive, easy to use, and a perfect fit for Del Monte’s cloud infrastructure.
“Ever since we switched to Sophos, we have not experienced any endpoint problems. We take an aggressive approach and turn on all the features and capabilities for that extra measure of protection. Our team no longer spends the entire day monitoring endpoints, or continuously examining log files. With Sophos, we know our endpoints are healthy and operating as they should. I feel very comfortable that our endpoints are well protected,” asserts Balsley.
The team also added Sophos Intercept X Advanced to block and remove residual ransomware from previous attacks and prevent future attacks. Sophos Intercept X Advanced safeguards endpoints against known and unknown threats through its signatureless exploit prevention, deep learning malware detection, and advanced ransomware protection.
“We haven’t had any CryptoLocker issues since our Sophos deployment. Intercept X excellently blocked infected files and reverted those files back to their previously known good state. We’ve seen it first-hand – Intercept X does an impressive job at cleaning up previous threats,” relates Balsley.
Another facet of Del Monte’s uncompromising data protection plan was to prevent users from saving and sharing vital company data on USB drives that were not encrypted. Sophos Intercept X Advanced provides them with a level of control that enables them to permit only approved, encrypted storage devices. The team took it a step further with Sophos Central Device Encryption, which they deployed over the air with just a few clicks. Now all of Del Monte’s systems, even remote laptops, have full-disk encryption.
As a result, Balsley now knows that encryption requirements for protecting sensitive data are being completely met. An established company with brand