Leading Consultancy Company

Overview

This leading consultancy company (choosing to remain anonymous) offers consulting, technology and software solutions to the Fortune 1000. The company is migrating to the cloud for delivery of applications to its clients and employees.

Challenge

From a cost-saving perspective, the sooner the transition to the cloud is completed, the better. However, given the company’s roster of high-profile financial and insurance clients, airtight security and compliance are imperative. IT management needs full visibility and control into cloud apps as well as maintaining compliance with stringent financial and HIPAA requirements.

“It’s critical to protect what’s being put out there. We can’t stop hackers from attempting attacks, so we need an effective defense.”
— Director of Risk Management and Cybersecurity, Leading Consultancy Company

This protection must embrace a variety of use cases. As well as providing custom solutions to clients and partners, the company has authorized use of third party SaaS apps like Workday and ServiceNow.

Strong protection was also a prerequisite for migrating the company’s internal IT to the cloud. IT needed a real-time window into how, when and where employees access cloud applications, including unsanctioned ones—the infamous “Shadow IT.” The IT team also had to control access from a wide variety of unmanaged employee devices. The company needed a cloud security solution to span the full range of current and future requirements.

Lastly, the company needed to protect a custom solution running on Microsoft Azure^TM—a business and political risk assessment app serving large financial clients with even larger institutional customers of their own. The scenario demanded nothing less than the best possible security and compliance: gaps or lapses could result in seven-figure losses, lawsuits and, most critically, the potential irreparable loss of hard-won client trust.

Solution

With no margin for error and management pressing for a rapid launch, many security vendors quickly fell by the wayside. After a thorough evaluation, the company chose Forcepoint CASB (Cloud Access Security Broker) because of its unrivaled depth and breadth of protection.

“Forcepoint CASB starts with true visibility into the cloud. None of the other products we reviewed came close.”
— Director of Risk Management

The company was pleased to find that comprehensive controls and policies were already included with Forcepoint CASB to address industry regulations (PCI, DSS, SOX, HIPAA). The solution also came with a flexible choice of deployment options and a team of Forcepoint specialists, who quickly learned the custom app and mapped application actions and data types for granular protection. No changes to the application were required, which considerably shortened the deployment time.

To further enhance its protection, the company harnessed Forcepoint CASB’s unique ability to configure custom security policies. User profile behavior, anomaly detection and specific devices were defined down to granular detail. The solution then automatically enforced these controls—exposing outliers, delivering warnings and two-factor authentication challenges, or blocking access outright, based on mitigation rules set by the company.

Results

The ease and speed of Forcepoint CASB deployment aligned perfectly with the company’s long-term strategy to fast-track its migration from their data center to the cloud.

“As we’ve been moving more towards the cloud, we found that Forcepoint CASB was the only solution that could address our security needs for internally developed and third party applications swiftly.”
— Director of Risk Management

Implementation has been especially rapid for popular applications like Salesforce.com, since Forcepoint had already done the security mapping work, saving deployment time and ensuring against gaps in protection.

Given the unrivaled advantages of Forcepoint CASB, the company is ecstatic about its cloud security gateway choice.

“Forcepoint CASB is our eyes in the cloud to help us identify and control exactly what is happening in our cloud applications.”
— Director of Risk Management

Forcepoint CASB is the only cloud access security broker offering this leading consultancy company data and user visibility, access control, custom security policies, and full auditing capabilities—all easily layered on top of their in-house applications without having to change any underlying code or impact on the user experience.