Emerson Process Management faced several challenges. The company's policies were too complicated and required too much headcount to maintain them. This led to data exfiltration that left the organization exposed. Furthermore, the company needed to control and manage data that was subject to regulation. The company was in need of a solution that could help them easily find and control regulated data and sensitive IP.

The New York Crime Analysis Centers (CACs) faced the challenge of deploying a robust, scalable, and affordable platform to provide each CAC with single-query access to their extensive volume of crime and intelligence data and the ability to query and share statewide. Each CAC represents unique architectures, multiple law enforcement agencies, multiple users with multiple sources, and varying law enforcement and related data. Each CAC varies greatly in configuration, location and data source structure. With new sources of data constantly being identified and updated in daily operations and investigations, CACs have to support local control of the data dissemination without the need to persistently store data in a warehoused environment. DCJS required a cost-effective system that could meet the needs of the CACs while delivering high performance and scalable results.

The Air Force Central Command (AFCENT) was tasked with establishing a new combined air and space operations center (CAOC) to replace a temporary facility that had been in use for six years. The new CAOC needed to provide more robust systems to accommodate users and improve interoperability. It also had to make the best possible use of physical space and reduce power consumption. The transition from the old facility to the new one had to be seamless so as not to interrupt mission operations. The CAOC was controlling air operations in two live theaters at transition time. The project, from planning to implementation, was completed in less than two years. This desktop consolidation project presented other challenges for all parties because AFCENT’s mission requires 24x7 operations with 99.99% availability.

Escorts Limited, a leading engineering conglomerate in India, generates a large volume of in-house IP in the form of blueprints and designs for engines, transmissions, and machines like tractors, cranes, backhoe loaders, compactors, and equipment used in railways. This IP required protection. The company also does business with leading manufacturers worldwide, creating even more IP that must be secured. A largely mobile global marketing and sales force required secure access to IP on and off the official network.

Crediton Dairy, a medium-sized enterprise in the industrial manufacturing sector, was facing challenges in controlling and managing data that were subject to regulation. The company needed a solution that could provide visibility into data movement within the business and automate policy enforcement based on user behavior. The solution also needed to minimize disruption to users and help the company get started with their data loss protection project faster than expected.

Lake Michigan Credit Union faced several challenges in ensuring the security of their member data. They needed to protect against external threats such as phishing and malware, which could compromise the trust of their members. Additionally, they needed to prevent internal vulnerabilities, such as employees sending member data via personal email, uploading to a personal or unsanctioned website, or copying to a USB drive. The credit union also wanted to minimize the time their staff spent managing security tools and addressing threats.

The bank has been a leader in the Egyptian economy by offering progressive digital banking services and increasing financial inclusion for some of the country’s most underserved segments. However, this also means that the bank must safeguard the personal and financial data of some 700,000 retail customers, many of whom are technology newbies. A breach could impact growth and operations while decimating customer trust. After encountering an increase in threats targeting its email communications, the bank turned to Forcepoint for a solution. The bank has seen an uptick in email-based avenues of attack, including executive-level targeted phishing attacks and zero-day attacks via emails sent to its nearly 6,000 employees.

Compartamos Banco, the largest microfinance bank in Latin America, faced the challenge of protecting a complex organization that includes 16,000 employees, more than 500 offices, and 2.5 million customers. The bank needed to comply with regulations including National Banking and Securities Commission (CNBV), Federal Law of Protection of Data in Possession of Individuals (LFDPPP), and international standards. The bank's objective was to eradicate financial exclusion by offering basic financial services to the low-income population, and to do so, it needed to ensure the security and protection of its data.

Honda Motorcycle and Power Equipment (MPE), a high-profile Australian national company, faced a significant challenge in preventing sensitive data leakages and protecting its user’s access to the Internet. As part of the global Honda brand, Honda MPE had to meet Honda’s global network security standards. The company had experienced several data leakage incidents and needed to control and protect the Internet usage by its staff to ensure that sensitive data was not leaked outside the organization. The IT department at Honda MPE, led by Senior Manager Craig Bassett, was tasked with finding a balance between flexibility and security. They needed a solution that would not restrict their staff from performing their roles but would protect them and Honda from any malicious intent.

Smurfit Kappa, a leading manufacturer of corrugated and solid board packaging, faced a significant challenge in managing its IT infrastructure. The company's IT division was responsible for managing all servers and domains in the Active Directory of the Smurfit Kappa Group, which ran in two data centers located in Amsterdam and Nieuwegein. The division was also tasked with information security management, dealing with incidents of spam, malware, and data theft or loss. The team was dealing with an average of 350 security incidents per week, a daunting task. Additionally, as a global company, Smurfit Kappa had to comply with Sarbanes-Oxley laws and regulations (SOX), which imposed strict requirements for data storage. The existing solution was high maintenance and required continuous monitoring. The company needed a solution that could delegate responsibilities, reduce tasks for IT operations, and manage 56 email domains and 532 DNS servers across Europe, Russia, South America, and Mexico.

Arapahoe House, a leading provider of substance use disorder treatment in Colorado, faced a challenge with managing and securing data on mobile devices used by its distributed workforce. A significant portion of the workforce used their own devices to access corporate mail from the organization's hybrid Office 365 / Exchange deployment. The IT team was uncertain about the number of BYO devices in use and how they were being used. They needed a solution to secure the data on these mobile devices. They evaluated several MDM solutions including Airwatch and MobileIron but found them unsatisfactory due to their difficult deployment processes and poor user experiences.

Bay Cove Human Services, a healthcare provider network, was seeking a solution to ensure HIPAA compliance without altering the user experience. They were using Google's G Suite as their productivity backbone and needed a solution that would provide secure access to G Suite from any device. The challenge was to find a solution that would not require invasive agents or any configuration, and would allow users to simply log in to G Suite from any browser and be securely routed to the app.

Marisol International, a global supply chain services provider, faced a challenge in balancing the security requirements of global freight operations with the mobility needs of its employees. The company handles sensitive freight information for its customers, making security a top priority. However, its employees are globally dispersed and require access from a variety of BYOD (Bring Your Own Device) mobile devices. The company needed a solution that could be deployed quickly and easily, without taking undue control over personal mobile devices.

The firm was looking for a cloud security solution that could be quickly deployed in concert with this rollout. Given the high profile nature of its clientele, the complete assurance of data privacy is of highest importance to the organization. The firm wanted to maintain sole control of its data – it didn’t feel comfortable with cloud vendors having any visibility into customer information. The firm’s security architecture and risk teams set out to find a security solution that would help enable secure cloud application usage. For Salesforce specifically, they wanted an encryption solution that maintained integrity of data security while enabling full application functionality including search, reporting, and the firm’s Salesforce customizations and third party integrations.

The healthcare firm was looking to transition its 30,000 global employees to a SaaS productivity suite. The firm’s IT team had already deployed Office 365 for email only, but without proper security controls it refused to deploy file sharing and storage via OneDrive and Sharepoint. The firm’s existing security architecture included next-gen firewall appliances, along with secure web gateways from Bluecoat and Symantec DLP appliances. This network-level security architecture was inadequate for protecting data in the cloud and allowing for access on any device. The firm’s internal Office 365 productivity suite initiative was set to rollout rapidly throughout the company, its enterprise security architecture team decided to deploy a cloud access security broker solution to enable secure cloud usage. Of particular concern was protecting PHI, PII, and corporate intellectual property in data flowing out of the cloud. The native Office 365 security controls did not provide an adequate level of data protection, especially in the case of data access by unmanaged and untrusted devices.

The payment and debit-card processing leader standardized on Google's G Suite, but struggled to achieve PCI compliance for its auditors. With a mix of regular employees and contractors, managed and BYOD mobiles and laptops, as well as a geographically distributed work force proved challenging when it came to achieving PCI compliance. The compliance team wanted to restrict contractors to browser access and only on the corporate network, whilst allowing regular employees full access on managed devices and corporate networks, but restricted access on BYOD.

The global arms manufacturer, based in the United States, faced a significant challenge in securing BYOD access to corporate productivity applications. The company, which supplies products to thousands of military and law-enforcement organizations worldwide, had previously attempted a Mobile Device Management (MDM) deployment. However, the MDM solution proved unsuitable for a wide range of BYOD devices. The global distribution of the company's employees made supporting MDM on BYOD very expensive. Moreover, many employees rejected the idea of installing MDM agents that controlled their devices and potentially threatened their privacy. This unsuccessful deployment of MDM resulted in lost productivity for the firm. The IT security team commenced a search for an agentless SaaS solution for mobile security.

The global business data giant, handling business and financial data for much of the Global 2000, faced a challenge when it chose Google's G Suite for SaaS productivity. The firm's existing network-centric security hardware was not capable of understanding the semantics of G Suite to enforce corporate data security policies. Furthermore, users expected access from any device, anywhere, rendering the firm's existing security hardware ineffective. The enterprise decided to use a Cloud Access Security Broker (CASB) to secure G Suite. However, three of the four vendors they considered could only support API-based visibility and control of corporate data, which was not sufficient for the firm's legal team.

The regional health insurance leader wanted to provide mobile email access to their employees while complying with HIPAA regulations. The challenge was to ensure that Protected Health Information (PHI) remained under the company's control at all times, as 75% of breaches in the healthcare sector are attributed to lost and stolen devices. The company's first attempt at solving the BYOD challenge involved device management software from Good Technology, which was quickly rejected by employees due to usability and privacy concerns.

The international telecom conglomerate was facing a pressing concern of data breaches despite having all the latest security gear. Their customers were finding breaches impossible to prevent and were looking to the telecom giant for help. The CTO and his team set out to evaluate the spectrum of early breach detection products on the marketplace. They first considered APT appliances, but quickly ruled them out as they could not scale to the high levels of traffic experienced by the firm’s clients. Next, the team considered various SIEM apps, but those required a huge amount of manual oversight from trained professionals to monitor the overwhelming number of alerts generated.

The S&P 500 beverage manufacturer was struggling to implement a secure Bring Your Own Device (BYOD) program for its globally distributed workforce. The company's IT team was concerned about the risk of corporate data being present on deprovisioned devices. Initial deployments of MobileIron and SAP Afaria, two mobile device management (MDM) solutions, proved challenging and were adopted by fewer than ten users. Employees were concerned about potential privacy violations with the installation of corporate security software on their personal mobile devices. The firm’s IT team found it impossible to install and configure MDM agents on thousands of devices, given the numerous variations of operating systems and device types that come with BYOD.

The global pharmaceutical giant, with over 20,000 employees, was facing a significant challenge in terms of its security posture. The newly appointed CISO wanted to evaluate the existing security infrastructure. Despite having a high-end firewall from a leading vendor, the company was still at risk. The Bitglass Breach Discovery Engine identified several high-risk Shadow IT cloud apps on the network. One unsanctioned cloud app was particularly concerning as it was used by employees to sync their contact lists and calendars. However, the most alarming discovery was the identification of three major risks: an internal IP in contact with a TOR node, twelve internal nodes in contact with a fake DNS server hosting phishing sites, and over thirty internal IPs contacting confirmed Malware hosts outside the firewall.

The multi-national transportation company was undergoing their annual audit when they decided to use Bitglass to catalog Shadow IT cloud apps on their network for their annual compliance report. The auditors uploaded two weeks of firewall logs, approximately 2M log lines per day, for Bitglass to analyze. The Bitglass Breach Discovery Engine identified four high-risk cloud apps widely used on the network: YouTube, MSN, Facebook, Dropbox, and Evernote. The company had previously blocked Gmail and Yahoo due to security concerns. These cloud apps were a compliance risk and merited mention in the annual audit. However, the Bitglass Breach Discovery Engine also uncovered a TOR (The Onion Router) node operating within the corporate network, which was a significant security concern.

AudioNova, a large provider of hearing aids in Europe, was facing challenges due to its rapid growth and expansion to over 1,200 stores throughout Europe. The company had multiple solutions for web and email security on-premises in different regions and locations. This made it challenging for the small IT department to manage security efficiently from the headquarters in Rotterdam. The disparate set of security products was not meeting the company's needs, and a more comprehensive solution was required.

Transnational criminals launder billions of dollars in illegal proceeds every year. In the Southwest Border affected areas, over half a million humans are smuggled and prescription drugs, illegal drugs and intellectual property are stolen. Law enforcement agencies have been challenged to process and analyze an overwhelming amount of data that pertains to these operations. Parsing and finding the incriminating data in a vast sea of constantly expanding data sources became extremely difficult, as the sheer volume of transaction data far exceeded the capability and volume capacity of typical database software. Due to the limitations and restrictions of the technology, transaction volume became the enemy, and it became harder and harder to detect money laundering patterns across the financial industry. A simple query involving multiple names, addresses or telephone numbers, for example, took hours or days to complete. Enforcement agencies were forced to invest a great deal of time searching through databases, sometimes containing millions of records each, for the suspicious activity they knew lurked among the data. In this timeframe, it was difficult to conceptualize money laundering patterns while remaining a few steps behind the criminals themselves.

The Pacific Air Forces (PACAF) and the 353d Combat Training Squadron (353d CTS) operate and manage the premiere joint combat training venue – RED FLAG-Alaska (RF-A). RF-A exercises are held at the Joint Pacific Alaska Range Complex (JPARC) at Eielson Air Force Base and Joint Base Elmendorf-Richardson. JPARC is the largest instrumented air, ground, and electronic combat training range in the world. With multiple joint and coalition forces exercises per year, RF-A provides relevant and real-world air and ground combat scenarios with realistic threats and targets. As many as 90 aircraft and 2,000 personnel participate in the RF-A tactical exercises that cover 66,000 square miles of training airspace and 1.6 million acres of often-rugged land in the joint Air Force/Army-managed JPARC. The JPARC encompasses more than $200 million worth of equipment and instrumentation to support warfighter training exercises. In addition to size and cost, PACAF has the added responsibility to ensure that sensitive data is not accessed or leaked to unauthorized parties or systems – especially critical when training multinational coalition forces. To provide the most realistic training for the warfighter, which includes multiple nations and clearance levels, a cross domain solution was needed. To best support the required live, virtual, and constructive (LVC) aspects of the joint training, this cross domain solution had to be near-real time, support a flexible protocol, and be able to obtain an authority to connect (ATC) at the Secret and Below Interoperability (SABI) level.

Fondazione IRCCS Istituto Nazionale dei Tumori (INT) was spending a large majority of its time completing security-related tasks manually. It also required flexible protection against all risks and malicious software. These are classic security issues for both private and public companies, and these issues will always need to be approached by management in the most innovative way. For INT, threat protection is an essential aspect of that challenge. Bellazzi mentioned “browsing on the move” as his security platform requirement. At its core, this is protecting a mobile workforce on all endpoints. Mobile employees are going to leave the on-premises network at some point. Knowing that, it is crucial for any company to keep its same protocols unified across all endpoints, on-premises or remote.

The regional healthcare provider serves millions of patients across seven social-health districts and four hospitals in Italy. As it continues to modernize its IT environment by providing better access to information and incorporating more connected medical devices, its growing cyberattack surface creates new potential entry points for viruses and ransomware—a challenge further complicated by the system’s size and complexity. The organization had already suffered the impact of an environment that wasn’t secure enough when it fell victim to a cryptolocker attack. Its existing proxy server solution for web browsing and email spam-blocking left it vulnerable to system-crippling attacks.

One of Danieli’s key challenges was protecting its intellectual property, specifically its designs for machinery and industrial plants. Moreover, as a public company, Danieli was concerned with protecting its corporate image while providing protection against a quickly evolving and adapting threat landscape. Additionally, the company was looking for a solution that would easily extend the same level of security across all locations with the ability to manage everything from one centralized and unified console. The leadership team realized the need for a Data Loss Prevention (DLP) solution — a solution that would solve all of these issues. The importance of security in other internal company departments was not always at the forefront of people’s minds. Many people have the perception that security is not a priority until after a breach has occurred. The introduction of a DLP solution highlights the significance of handling data that could jeopardize the company if it were in the wrong hands.

The National Union of Socialist Mutual Health Insurance Funds (SocMut) in Belgium was facing challenges with its on-site email security. The previous solution was implemented locally and required extensive management attention. As users pressed for more flexibility, their demands were met by more and more ad-hoc solutions that stretched management time even further. The organization was increasingly limited by its on-site email security. The criteria for a new solution included cost, security, management, and the knowledge and expertise of the supplier.