Magazine Article | January 1, 2017

Create An IT Security Differentiator

By The Business Solutions Network

This network security expert earned a multiyear IT consulting project with a medical company by helping the client self-discover its security vulnerabilities.

Quality Plus Consulting (QPC) is a five-employee firm that architects and secures networks, servers, cloud platforms, infrastructures, applications, endpoints, and email solutions. One thing that stands out about its business model is that it doesn’t focus on signing customers up for monthly recurring managed services programs.

Help Prospects Self-Discover Their Security Vulnerability
LifeCenter Northwest (LCNW) is a 100-employee company specializing in organ transplants that QPC engaged with last year. “Oftentimes when we meet with a client, they know something is wrong, but they don’t know how serious the problem is,” says Felicia King, president of QPC. “For instance, in this case, they knew their network was sluggish, and they wanted to make it faster, but the culprit was much different from what they thought it was.”

When QPC’s architects took a closer look, they discovered that the client had no visibility into who was accessing its network, servers, or endpoints; it lacked adequate endpoint security; and it had inadequate documentation for its network standards, security policies, and procedures.

“The root problem was that over the years the client had hired contractors to perform specific network projects, and there was no continuity with the network architecture,” she says. “For example, one of the contractors created a subnet and put everything on it with no segmentation, which made it impossible to monitor and secure the network.”

QPC’s thoroughness with its assessments and inquiries earned the client’s trust, and after validating that the client understood what would be entailed in resolving its problems, a deal was struck.

Take A Long-Term View Of Network Health
QPC recommended and implemented several solutions and networking services, including:

  • Microsoft Office 365 with EMS E5 and Advanced Threat Analytics. This solution connects cloud and on-premise threat analytics and integrates with the system log.
  • Trend Micro Worry-Free Business Security Services. QPC procured this host-based solution from its value-added distributor partner, Interwork. Worry-Free can be managed from Trend Micro Control Manager, which collates data from all the network agents and security solutions and enables architects to manage all security monitoring and alerting from a single screen.
  • Trend Micro Cloud App Security. This product plugs into the Office 365 tenant and provides security visibility and data loss prevention control. It stops ransomware and other malware from being transmitted through Skype file sharing, the web user interface for Office 365, externally shared OneDrive and SharePoint sites, and mobile devices that upload files directly into Office 365.
  • Trend Micro InterScan Web Security Services. IWS is a cloud-hosted solution that allows for always-on protection of remote workers who may not want or need an always-on VPN service back to corporate.
  • WatchGuard T30W, T50W, and M400 Fireboxes. “This perimeter-based security appliance makes it easier to spot and correct misconfigurations, which are what account for 97 percent of data breaches, per Gartner,” says King.
  • WatchGuard wireless access points (WAPs).
  • SIEM (security information and event management). This solution receives network traffic from all sites in a centralized location, actively monitors LCNW’s syslog for traffic anomalies, and provides security threat analytics.
  • HP ProCurve switches with ProVision NOS (network operating system) Layer 3 with full CLI (command-line interface). King likes these switches because they have a dedicated OOBM (out-of-band management) network port, which makes it easier to recover from a switch configuration mistake.

The network reconfiguration and upgrades were rolled out in stages over a two-year period, which allowed the organization to fully adopt each new security solution, server, network, or endpoint change one at a time. “It also allows for the IT staff to manage any ticket load associated with the changes,” she says.

The client now has nearly total awareness of what is going on at the network, server, and endpoint level, says King. “We are adding cloud awareness and additional security controls every quarter. The new network visibility tools provide the IT staff the ability to identify which devices unauthorized traffic is associated with in less than 5 minutes, even when the endpoint is on the guest network and is not joined to the domain.”

Another sign of the success of the project is that the medical company continues to contract with QPC — not because it’s locked into a long-term contract, but because it continues to receive valuable advice and visible improvements to its network.