Crediton Dairy, a medium-sized enterprise in the industrial manufacturing sector, was facing challenges in controlling and managing data that were subject to regulation. The company needed a solution that could provide visibility into data movement within the business and automate policy enforcement based on user behavior. The solution also needed to minimize disruption to users and help the company get started with their data loss protection project faster than expected.

Lake Michigan Credit Union faced several challenges in ensuring the security of their member data. They needed to protect against external threats such as phishing and malware, which could compromise the trust of their members. Additionally, they needed to prevent internal vulnerabilities, such as employees sending member data via personal email, uploading to a personal or unsanctioned website, or copying to a USB drive. The credit union also wanted to minimize the time their staff spent managing security tools and addressing threats.

The bank has been a leader in the Egyptian economy by offering progressive digital banking services and increasing financial inclusion for some of the country’s most underserved segments. However, this also means that the bank must safeguard the personal and financial data of some 700,000 retail customers, many of whom are technology newbies. A breach could impact growth and operations while decimating customer trust. After encountering an increase in threats targeting its email communications, the bank turned to Forcepoint for a solution. The bank has seen an uptick in email-based avenues of attack, including executive-level targeted phishing attacks and zero-day attacks via emails sent to its nearly 6,000 employees.

Compartamos Banco, the largest microfinance bank in Latin America, faced the challenge of protecting a complex organization that includes 16,000 employees, more than 500 offices, and 2.5 million customers. The bank needed to comply with regulations including National Banking and Securities Commission (CNBV), Federal Law of Protection of Data in Possession of Individuals (LFDPPP), and international standards. The bank's objective was to eradicate financial exclusion by offering basic financial services to the low-income population, and to do so, it needed to ensure the security and protection of its data.

AMAG Pharmaceuticals, a company that develops and commercializes a therapeutic iron compound to treat iron deficiency anemia, decided to adopt G Suite as the all cloud backbone for the company. This decision was made to enhance productivity as G Suite offers a high performance productivity suite that is flexible and easy-to-use. However, combining BYOD and cloud meant that AMAG lost visibility and control of its data, risking security and compliance. Existing security solutions were not readily applicable to cloud apps and raised privacy concerns, since employees didn’t want IT monitoring their personal cloud apps or mobile devices.

The ad agency was looking to migrate from an on-premise solution to Office 365 to cut costs and increase employee productivity. However, some of the agency’s large clients, including Microsoft and Walmart, had concerns about the security of their creative assets. The agency needed to add another layer of security to their public cloud apps. They required solutions for single sign-on, mobile security, and access control. After evaluating several vendors, the agency determined that Bitglass was the only solution that met all their requirements.

The hospital system, located in the Southeastern United States, was in need of a solution for HIPAA compliance on mobile devices. The Department of Health and Human Services reports that 70% of data breaches in healthcare are the result of lost or stolen devices. The hospital's incumbent mobile security solution, AT&T Toggle, was made obsolete after Google acquired the source company Divide. The hospital's compliance team wanted a replacement that was secure, easy to use, and transparent to users. They were particularly wary of solutions that required software on BYOD. A second criterion for the solution was the ability to support migration to Office 365, which was looming in the near term.

The mid-sized technology company, which provides services to high-value targets on Wall Street, was facing a significant cybersecurity threat. Despite having a high-end 'Next-Gen-Firewall' installed, the firm discovered that ten internal IPs were contacting Malware Command and Control destinations outside the firewall. Some of the internal IPs had multiple malware infections. The firm was an ideal back door for hackers who could inject malware into the service provider, gain access credentials to their customers, and exfiltrate high-value data without being detected. The average breach lasts almost eight months, posing a significant risk to the firm and its clients.

Honda Motorcycle and Power Equipment (MPE), a high-profile Australian national company, faced a significant challenge in preventing sensitive data leakages and protecting its user’s access to the Internet. As part of the global Honda brand, Honda MPE had to meet Honda’s global network security standards. The company had experienced several data leakage incidents and needed to control and protect the Internet usage by its staff to ensure that sensitive data was not leaked outside the organization. The IT department at Honda MPE, led by Senior Manager Craig Bassett, was tasked with finding a balance between flexibility and security. They needed a solution that would not restrict their staff from performing their roles but would protect them and Honda from any malicious intent.

Smurfit Kappa, a leading manufacturer of corrugated and solid board packaging, faced a significant challenge in managing its IT infrastructure. The company's IT division was responsible for managing all servers and domains in the Active Directory of the Smurfit Kappa Group, which ran in two data centers located in Amsterdam and Nieuwegein. The division was also tasked with information security management, dealing with incidents of spam, malware, and data theft or loss. The team was dealing with an average of 350 security incidents per week, a daunting task. Additionally, as a global company, Smurfit Kappa had to comply with Sarbanes-Oxley laws and regulations (SOX), which imposed strict requirements for data storage. The existing solution was high maintenance and required continuous monitoring. The company needed a solution that could delegate responsibilities, reduce tasks for IT operations, and manage 56 email domains and 532 DNS servers across Europe, Russia, South America, and Mexico.

AudioNova, a large provider of hearing aids in Europe, was facing challenges due to its rapid growth and expansion to over 1,200 stores throughout Europe. The company had multiple solutions for web and email security on-premises in different regions and locations. This made it challenging for the small IT department to manage security efficiently from the headquarters in Rotterdam. The disparate set of security products was not meeting the company's needs, and a more comprehensive solution was required.

Transnational criminals launder billions of dollars in illegal proceeds every year. In the Southwest Border affected areas, over half a million humans are smuggled and prescription drugs, illegal drugs and intellectual property are stolen. Law enforcement agencies have been challenged to process and analyze an overwhelming amount of data that pertains to these operations. Parsing and finding the incriminating data in a vast sea of constantly expanding data sources became extremely difficult, as the sheer volume of transaction data far exceeded the capability and volume capacity of typical database software. Due to the limitations and restrictions of the technology, transaction volume became the enemy, and it became harder and harder to detect money laundering patterns across the financial industry. A simple query involving multiple names, addresses or telephone numbers, for example, took hours or days to complete. Enforcement agencies were forced to invest a great deal of time searching through databases, sometimes containing millions of records each, for the suspicious activity they knew lurked among the data. In this timeframe, it was difficult to conceptualize money laundering patterns while remaining a few steps behind the criminals themselves.

The Pacific Air Forces (PACAF) and the 353d Combat Training Squadron (353d CTS) operate and manage the premiere joint combat training venue – RED FLAG-Alaska (RF-A). RF-A exercises are held at the Joint Pacific Alaska Range Complex (JPARC) at Eielson Air Force Base and Joint Base Elmendorf-Richardson. JPARC is the largest instrumented air, ground, and electronic combat training range in the world. With multiple joint and coalition forces exercises per year, RF-A provides relevant and real-world air and ground combat scenarios with realistic threats and targets. As many as 90 aircraft and 2,000 personnel participate in the RF-A tactical exercises that cover 66,000 square miles of training airspace and 1.6 million acres of often-rugged land in the joint Air Force/Army-managed JPARC. The JPARC encompasses more than $200 million worth of equipment and instrumentation to support warfighter training exercises. In addition to size and cost, PACAF has the added responsibility to ensure that sensitive data is not accessed or leaked to unauthorized parties or systems – especially critical when training multinational coalition forces. To provide the most realistic training for the warfighter, which includes multiple nations and clearance levels, a cross domain solution was needed. To best support the required live, virtual, and constructive (LVC) aspects of the joint training, this cross domain solution had to be near-real time, support a flexible protocol, and be able to obtain an authority to connect (ATC) at the Secret and Below Interoperability (SABI) level.

Fondazione IRCCS Istituto Nazionale dei Tumori (INT) was spending a large majority of its time completing security-related tasks manually. It also required flexible protection against all risks and malicious software. These are classic security issues for both private and public companies, and these issues will always need to be approached by management in the most innovative way. For INT, threat protection is an essential aspect of that challenge. Bellazzi mentioned “browsing on the move” as his security platform requirement. At its core, this is protecting a mobile workforce on all endpoints. Mobile employees are going to leave the on-premises network at some point. Knowing that, it is crucial for any company to keep its same protocols unified across all endpoints, on-premises or remote.

The regional healthcare provider serves millions of patients across seven social-health districts and four hospitals in Italy. As it continues to modernize its IT environment by providing better access to information and incorporating more connected medical devices, its growing cyberattack surface creates new potential entry points for viruses and ransomware—a challenge further complicated by the system’s size and complexity. The organization had already suffered the impact of an environment that wasn’t secure enough when it fell victim to a cryptolocker attack. Its existing proxy server solution for web browsing and email spam-blocking left it vulnerable to system-crippling attacks.

One of Danieli’s key challenges was protecting its intellectual property, specifically its designs for machinery and industrial plants. Moreover, as a public company, Danieli was concerned with protecting its corporate image while providing protection against a quickly evolving and adapting threat landscape. Additionally, the company was looking for a solution that would easily extend the same level of security across all locations with the ability to manage everything from one centralized and unified console. The leadership team realized the need for a Data Loss Prevention (DLP) solution — a solution that would solve all of these issues. The importance of security in other internal company departments was not always at the forefront of people’s minds. Many people have the perception that security is not a priority until after a breach has occurred. The introduction of a DLP solution highlights the significance of handling data that could jeopardize the company if it were in the wrong hands.

The National Union of Socialist Mutual Health Insurance Funds (SocMut) in Belgium was facing challenges with its on-site email security. The previous solution was implemented locally and required extensive management attention. As users pressed for more flexibility, their demands were met by more and more ad-hoc solutions that stretched management time even further. The organization was increasingly limited by its on-site email security. The criteria for a new solution included cost, security, management, and the knowledge and expertise of the supplier.

The Law Enforcement agency's mission is to safeguard the United States from a variety of national security and criminal threats. This mission generates an extreme amount of data, of all different types and formats, that is used during investigations and as evidence in prosecuting court cases. This data must be securely captured, analyzed, managed, stored, and available to stakeholders when and where needed. The agency's overarching goal is to modernize its technology infrastructure in support of the mission. Part of this goal is to enhance information sharing both within the agency and with other agencies and organizations. One challenge inherent in the need to efficiently and securely share information is the sheer amount of data that needs to be shared – all with different formats, types, and sensitivities. All data collected, analyzed, and shared by this agency has the added challenge of becoming evidence in complex legal proceedings that can be governed by many different regulations.

Vector SpA, an international freight forwarding agent, was facing challenges with its existing antispam software. The software was unable to effectively filter spam messages from the company’s high volume of email. This led to a significant amount of manual analysis required to identify false positives in the quarantined email messages. The company needed a solution that could effectively manage and secure their email communications without slowing down the IT team or the rest of the company’s more than 2,500 employees.

The U.S. Department of Health and Human Services (HHS) needed a security solution that could effectively protect more than 150,000 users across multiple departments and locations. These users access billions of sensitive data files and interact with the American public through various online communication methods. The challenge was to maintain a high level of productivity while ensuring that the systems and data remain free of malware. The department also needed to balance data security with user access. Doctors and researchers within HHS handle very sensitive health information daily, making collaboration with other researchers worldwide risky without the right security. The department also had to meet the requirements of the Federal Information Security Management Act (FISMA) and implement continuous monitoring of computer systems for security.

In 2010, Leeds & York Partnership NHS Foundation Trust (LYPFT) embarked on a project to manage costs, which affected all facets of the organization. IT budgets were adjusted, leading to a change in web security and the implementation of Cisco IronPort. However, the IronPort solution introduced a number of operational challenges for LYPFT. The level of expertise needed to manage IronPort put a significant and unexpected strain on LYPFT’s IT resources. The IronPort solution also lacked the necessary reporting capabilities—which caused issues between the IT and Human Resources departments because of delays in generating information relating to employee website usage. Aside from reporting, LYPFT needed advanced threat protection from ransomware attacks, a prevalent type of malware that many UK businesses currently face. During that time, LYPFT experienced an uptick of attacks similar to the recent spate of attacks on US healthcare organizations, which successfully targeted a considerable number of LYPFT employees.

The Intelligence Community (IC) customer was facing several challenges including crowded desktops, facilities at capacity causing a strain on power, excessive cooling, limited floor space, network proliferation, decreasing annual budgets, and a need for cross domain collaboration. They embarked on an enterprise-wide initiative for a multilevel security solution to support both high-end tactical operations support and low-end administrative users. The complete solution called for a data guard with self-release and reliable (two-person) human review capabilities. The overarching goal was for a desktop solution that can become the enterprise standard for the IC, achieving a “Culture of Collaboration.”

The Chilean bank, which primarily caters to high net worth individuals and corporations, decided to get proactive about bolstering its cybersecurity and data loss prevention posture in the wake of 2018’s high-profile cyberattacks targeting Latin American banks. The bank was not affected by these attacks, but the incidents spurred the Chilean government to begin drafting legislation that will require Chile’s banks to comply with certain cybersecurity measures, including data loss prevention. The bank decided to get ahead of the curve to better protect clients and itself, instead of waiting for government regulations to take effect. The bank has been transitioning to the cloud to support remote bank employees and account managers who meet premier clients in their own environments. The bank needs its security solutions to both adhere to coming government data protection legislation and to safeguard the usage of cloud applications and service providers.

A global logistics provider was seeking an alternative to their multi-protocol label switching (MPLS) service. The customer wanted to boost the productivity of their workforce and lower costs by migrating applications to the cloud; however, doing so would create a large amount of additional traffic that would have to be backhauled to the data centers. This would inevitably cause latency and a subpar user experience. Adding additional MPLS lines would take months to implement and would be a costly solution, especially when considering the vast number of locations. At the same time, the customer’s aging network security devices were unable to provide substantial visibility into their highly distributed network. With warehouses and data centers spanning the globe—most of them without an on-site technical team—any new network security deployments would have to support centralized management, provide detailed insights into what was happening on their networks, and offer robust reporting capabilities. As one of the world’s largest logistics companies, the customer required the very best in security efficacy to maintain business continuity and to continue honoring commitments they had made to their clients.

Pegasus Airlines, a leading low-cost airline in Turkey, faced challenges in maintaining regulatory compliance due to the vast amount of customer data it collects and stores. The company also supports workforce productivity by allowing their employees to work from anywhere using personal devices to access email and browse the web. This created a challenge in upholding the mandates of the General Data Protection Regulation (GDPR), which has strict penalties for companies that cannot quickly identify, report, and respond to data loss incidents.

This multi-billion dollar bank needed a vendor that could help protect corporate assets and customer information against internal threats in a unique technology environment. At the recommendation of an external audit, the bank sought a unified solution with embedded data loss prevention (DLP) within the web and email gateways to protect against risky employee behavior.

BSE, Asia’s first stock exchange, houses highly sensitive, critical corporate and trading data belonging to over 5,500 corporate houses listed on the exchange. It is one of India’s most critical infrastructures, and it is their responsibility to ensure the security and integrity of this sensitive data. They needed to maintain stringent, around-the-clock monitoring to secure the data from any possible internal or external threats. In an attempt to strengthen its security posture, BSE underwent a complete revamp of all its cybersecurity systems, opting to replace its existing security products with new, cutting-edge technology solutions, including for DLP, which is an integral part of BSE’s overall security strategy. BSE wanted a comprehensive solution that covered endpoint, network and e-mail.

The Aosta Valley region, a Special Statute Region in Italy with a population of just under 130,000 people, faced a common problem for public and private companies, especially one as large as itself - securing web navigation. The region needed to define policies that supported a high level of security while preserving employee productivity. The spread of social networks, the e-commerce boom, and the concurrent availability of internet access on all workstations created a need for a cyber intervention. As a result, the region viewed web protection to be a priority, in order to manage and regulate web access based on content and source. The region decided to integrate its existing firewall with a web security component.

The company was dealing with underperforming and inflexible web and email security solutions, which were generating an average of 350 incidents each week, including false positives, that required staff time to investigate. This created a significant management burden for the company’s IT Infrastructure division. The company needed a new solution that could reduce the number of necessary investigations through better efficacy, thereby generating fewer false positives. In addition, centralized management and reporting capabilities would make investigations more efficient and reduce staffing needs. The company also needed a solution that could support their future challenges of moving to the cloud.

Huisman is a globally operating company with extensive experience in the engineering and manufacturing of heavy construction equipment. The company develops and manufactures cranes, pipelay systems, drilling equipment, winches, vessel designs and special products. In addition to oil and gas, Huisman focuses on renewables, leisure and civil industries. In view of its international presence, safe and secure communication between offices is key to Huisman’s success. That is why the company selected Forcepoint’s web and email security solutions to protect internal systems against malware and data leaks. Huisman is a high-tech company with a lot of intellectual property in the field of engineering. Therefore, it needs a high-quality security platform that offers ultimate protection, ease-of-use and ease-of-management.