A New Security Strategy with Forcepoint Helps this Customer Service Organization Secure Personal Information Across 22 Countries, Despite an Evolving Threat Landscape
As the amount of personal and financial data acquired by this managed services enterprise increases, so too does the target on its back for data theft
This third-party vendor serves as the face of interaction between its business clients and their customers—and those interactions result in an exchange of a large amount of personally identifiable information. As the company’s data stores increase, so too does its attractiveness to data thieves. Hacking the company would mean accessing the data of the hundreds of companies it serves. So, after recovering from a ransomware attack, the company knew it needed a new security strategy to protect its data, keep up with an evolving threat landscape, and maintain a trusted environment for its clients.
- Safeguard data against ransomware and other attacks for hundreds of client companies and millions of end users.
- Meet stringent security service level agreements in customer contracts.
- Replace a difficult to manage and time-consuming opensource security solution with Forcepoint Web, Email and DLP.
- 1,500 users protected.
- 99.99% of threats intercepted.
- Faster response times.
In today’s competitive and connected economy, the customer experience is everything. According to Gartner, 89% of companies compete primarily on the basis of customer experience – up from just 36% in 2010. In the digital world, customers comment more frequently, and more publicly, about brands than ever before—compounding the importance of attention to customer service and satisfaction.
Protecting the data of millions by protecting itself
The company’s entire business, a managed administration services group based in Italy, is built around providing a superior experience for its customers’ customers. Clients outsource the management of customer interactions and processes to the company because of its expertise and innovation in high-touch customer interactions. Across a wide variety of industries (including telecommunications, banking, and utilities), the company offers managed customer services like invoicing, debt collection and credit management, customer feedback management, and technical support—just to name a few.
As its services are rooted in data exchange, the company’s success— including strong expansion abroad through acquisitions—means that the amount of information it must protect is growing exponentially. The result is that a breach would grant bad actors access to data from not just one company, but hundreds. And bad actors know that, in many cases, an enterprise’s third-party vendor is a weaker link into the environment than the enterprise itself.
Some of the most publicized data breaches in recent years, including Target and Home Depot, have been a result of third-party vendor vulnerabilities. Because of that known vulnerability, client organizations— including many of those which retain the company’s services—issue contractual service level agreements dictating their information security requirements, who can access what information, and more.
Protecting data across channels from increasingly sophisticated threats
Prior to its relationship with Forcepoint, the company’s open-source security solutions were difficult and time-consuming to manage and maintain. After the enterprise fell victim to a ransomware attack, it knew the time had come to pursue a new security strategy to better safeguard its data against cyber threats, while opening doors to advancing technologies, greater automation, and continual evolution. Thus, a process of gradual modernization has taken shape, beginning with web security and later, email security and data loss prevention (DLP) solutions.
“The awareness of the relevance of the problem was already present,” recalled the company’s head of Infrastructure and Service Management. “And a few years ago, we made the decision to concentrate our attention on the most valuable layer of our information. Typically, it is the data most frequently accessed by top and middle management, and it is towards them that we have turned our intent to increase the level of protection.”
Staying safely ahead of threats through an evolving security strategy with Forcepoint
The company began to transform its security strategy with Forcepoint Web Security, deployed for 500 users at the headquarter location.
“Users have to be able to manage all this information, access customer websites, Customer Relationship Management (CRM) systems, and more—but in a secure way,” said Forcepoint Account Manager, Patricia Sanchez Loyacono. “So, the IT security team needed to make sure that it was not possible for employees to go to non-authorized sites.” By implementing web security, the company aimed to make sure it could securely manage data and access customer websites, while keeping users protected from malware by filtering risky, unauthorized sites. The Forcepoint Advanced Classification Engine, a feature of Forcepoint’s security solutions, enables this by identifying and classifying information crossing the network and delivering real-time security ratings. This helps Forcepoint protect against emerging threats—including the most advanced zero-day attacks and advanced persistent threats.
A couple of years later, as email became a more frequently used channel to exchange information with and provide services to customers, the company began to notice a corresponding increase in phishing attacks.
For better user protection, it turned to Forcepoint for its Email Security Cloud solution, which not only provides robust protection against spam and phishing, but also extends that protection to roaming users.
Most recently, these two security solutions have been enriched with Forcepoint DLP Discover to provide better visibility into where sensitive data resides—particularly important with the advent of GDPR and other data protection laws.
“We measure each month how many threats are intercepted, and we can say that the solution intercepts threats at 99.99%.”
1,500 users protected with 99.99% success
What began with a Web Security deployment has grown into a sixyear security transformation journey, giving the company the power to respond flexibly to evolving threats. Even as the threat landscape becomes more sophisticated, Forcepoint solutions have grown and scaled with the enterprise and its requirements. Today, Forcepoint technologies cover the security needs of about 1,500 users responsible for the enterprise’s core corporate functions.
“We measure each month how many threats are intercepted, and we can say that the solution intercepts threats at 99.99%,” the company’s head of ISM said.
When incidents do arise, Forcepoint makes it easier for the company to manage a response in less time than was previously possible. In addition, the cloud-based Email Security solution has reduced network traffic by blocking illegitimate emails before they reach the network. With DLP Discover, the enterprise can also identify and secure data on the network and simplify compliance with GDPR and other data protection laws with a robust library of pre-architected policies.
Moving forward, the company will continue to leverage its relationship with Forcepoint to step up its data protection as needed to respond to the modern threat landscape, keeping its clients and their customers safe from data breaches. The enterprise is currently working to migrate its Web Security solution from an on-premises deployment to a hybrid one, to better protect its rising number of mobile users.
“Forcepoint proved to be the ideal partner for almost total adherence to our needs,” the head of ISM said. “This is definitely the approach that most overlaps our vision, and it has become key to providing strong security for the data that flows through our company every day.”
“Forcepoint proved to be the ideal partner for almost total adherence to our needs.”