The Law Enforcement agency's mission is to safeguard the United States from a variety of national security and criminal threats. This mission generates an extreme amount of data, of all different types and formats, that is used during investigations and as evidence in prosecuting court cases. This data must be securely captured, analyzed, managed, stored, and available to stakeholders when and where needed. The agency's overarching goal is to modernize its technology infrastructure in support of the mission. Part of this goal is to enhance information sharing both within the agency and with other agencies and organizations. One challenge inherent in the need to efficiently and securely share information is the sheer amount of data that needs to be shared – all with different formats, types, and sensitivities. All data collected, analyzed, and shared by this agency has the added challenge of becoming evidence in complex legal proceedings that can be governed by many different regulations.

Vector SpA, an international freight forwarding agent, was facing challenges with its existing antispam software. The software was unable to effectively filter spam messages from the company’s high volume of email. This led to a significant amount of manual analysis required to identify false positives in the quarantined email messages. The company needed a solution that could effectively manage and secure their email communications without slowing down the IT team or the rest of the company’s more than 2,500 employees.

The U.S. Department of Health and Human Services (HHS) needed a security solution that could effectively protect more than 150,000 users across multiple departments and locations. These users access billions of sensitive data files and interact with the American public through various online communication methods. The challenge was to maintain a high level of productivity while ensuring that the systems and data remain free of malware. The department also needed to balance data security with user access. Doctors and researchers within HHS handle very sensitive health information daily, making collaboration with other researchers worldwide risky without the right security. The department also had to meet the requirements of the Federal Information Security Management Act (FISMA) and implement continuous monitoring of computer systems for security.

In 2010, Leeds & York Partnership NHS Foundation Trust (LYPFT) embarked on a project to manage costs, which affected all facets of the organization. IT budgets were adjusted, leading to a change in web security and the implementation of Cisco IronPort. However, the IronPort solution introduced a number of operational challenges for LYPFT. The level of expertise needed to manage IronPort put a significant and unexpected strain on LYPFT’s IT resources. The IronPort solution also lacked the necessary reporting capabilities—which caused issues between the IT and Human Resources departments because of delays in generating information relating to employee website usage. Aside from reporting, LYPFT needed advanced threat protection from ransomware attacks, a prevalent type of malware that many UK businesses currently face. During that time, LYPFT experienced an uptick of attacks similar to the recent spate of attacks on US healthcare organizations, which successfully targeted a considerable number of LYPFT employees.

The Intelligence Community (IC) customer was facing several challenges including crowded desktops, facilities at capacity causing a strain on power, excessive cooling, limited floor space, network proliferation, decreasing annual budgets, and a need for cross domain collaboration. They embarked on an enterprise-wide initiative for a multilevel security solution to support both high-end tactical operations support and low-end administrative users. The complete solution called for a data guard with self-release and reliable (two-person) human review capabilities. The overarching goal was for a desktop solution that can become the enterprise standard for the IC, achieving a “Culture of Collaboration.”

The Chilean bank, which primarily caters to high net worth individuals and corporations, decided to get proactive about bolstering its cybersecurity and data loss prevention posture in the wake of 2018’s high-profile cyberattacks targeting Latin American banks. The bank was not affected by these attacks, but the incidents spurred the Chilean government to begin drafting legislation that will require Chile’s banks to comply with certain cybersecurity measures, including data loss prevention. The bank decided to get ahead of the curve to better protect clients and itself, instead of waiting for government regulations to take effect. The bank has been transitioning to the cloud to support remote bank employees and account managers who meet premier clients in their own environments. The bank needs its security solutions to both adhere to coming government data protection legislation and to safeguard the usage of cloud applications and service providers.

A global logistics provider was seeking an alternative to their multi-protocol label switching (MPLS) service. The customer wanted to boost the productivity of their workforce and lower costs by migrating applications to the cloud; however, doing so would create a large amount of additional traffic that would have to be backhauled to the data centers. This would inevitably cause latency and a subpar user experience. Adding additional MPLS lines would take months to implement and would be a costly solution, especially when considering the vast number of locations. At the same time, the customer’s aging network security devices were unable to provide substantial visibility into their highly distributed network. With warehouses and data centers spanning the globe—most of them without an on-site technical team—any new network security deployments would have to support centralized management, provide detailed insights into what was happening on their networks, and offer robust reporting capabilities. As one of the world’s largest logistics companies, the customer required the very best in security efficacy to maintain business continuity and to continue honoring commitments they had made to their clients.

Pegasus Airlines, a leading low-cost airline in Turkey, faced challenges in maintaining regulatory compliance due to the vast amount of customer data it collects and stores. The company also supports workforce productivity by allowing their employees to work from anywhere using personal devices to access email and browse the web. This created a challenge in upholding the mandates of the General Data Protection Regulation (GDPR), which has strict penalties for companies that cannot quickly identify, report, and respond to data loss incidents.

This multi-billion dollar bank needed a vendor that could help protect corporate assets and customer information against internal threats in a unique technology environment. At the recommendation of an external audit, the bank sought a unified solution with embedded data loss prevention (DLP) within the web and email gateways to protect against risky employee behavior.

BSE, Asia’s first stock exchange, houses highly sensitive, critical corporate and trading data belonging to over 5,500 corporate houses listed on the exchange. It is one of India’s most critical infrastructures, and it is their responsibility to ensure the security and integrity of this sensitive data. They needed to maintain stringent, around-the-clock monitoring to secure the data from any possible internal or external threats. In an attempt to strengthen its security posture, BSE underwent a complete revamp of all its cybersecurity systems, opting to replace its existing security products with new, cutting-edge technology solutions, including for DLP, which is an integral part of BSE’s overall security strategy. BSE wanted a comprehensive solution that covered endpoint, network and e-mail.

The Aosta Valley region, a Special Statute Region in Italy with a population of just under 130,000 people, faced a common problem for public and private companies, especially one as large as itself - securing web navigation. The region needed to define policies that supported a high level of security while preserving employee productivity. The spread of social networks, the e-commerce boom, and the concurrent availability of internet access on all workstations created a need for a cyber intervention. As a result, the region viewed web protection to be a priority, in order to manage and regulate web access based on content and source. The region decided to integrate its existing firewall with a web security component.

The company was dealing with underperforming and inflexible web and email security solutions, which were generating an average of 350 incidents each week, including false positives, that required staff time to investigate. This created a significant management burden for the company’s IT Infrastructure division. The company needed a new solution that could reduce the number of necessary investigations through better efficacy, thereby generating fewer false positives. In addition, centralized management and reporting capabilities would make investigations more efficient and reduce staffing needs. The company also needed a solution that could support their future challenges of moving to the cloud.

Huisman is a globally operating company with extensive experience in the engineering and manufacturing of heavy construction equipment. The company develops and manufactures cranes, pipelay systems, drilling equipment, winches, vessel designs and special products. In addition to oil and gas, Huisman focuses on renewables, leisure and civil industries. In view of its international presence, safe and secure communication between offices is key to Huisman’s success. That is why the company selected Forcepoint’s web and email security solutions to protect internal systems against malware and data leaks. Huisman is a high-tech company with a lot of intellectual property in the field of engineering. Therefore, it needs a high-quality security platform that offers ultimate protection, ease-of-use and ease-of-management.

The company stores a variety of valuable data: internal patents, intellectual property (IP), merger and acquisition data, machine schematics, and geological data like potential drill sites. Many of those with access to this sensitive data are temporary contractors, employed for only a brief period of time. Understanding the higher risk that accompanies shorter-term employees, company leaders brought in third-party analysts to do an assessment of insider threat risk. Analysts found that data was indeed leaving the company, and that nearly half of the data loss incidents were directly related to the actions of negligent or malicious insiders. Upon hearing the results, company leaders authorized the creation of an internal insider threat task force.

UCI, a financial institution that provides mortgages to homebuyers in four European countries, faced the challenge of safeguarding sensitive personal and financial data of its customers. With the advent of new GDPR regulations, the need to protect this data became even more critical. The institution needed to ensure safe and efficient connectivity across devices and locations. The challenge was to deploy a solution that could minimize security risks, reduce manual solution management, and integrate into UCI’s existing SIEM systems to help detect company policy infractions.

Southern Communications, a provider of mission-critical infrastructure as a service (IaaS) for medium to large scale enterprises, was facing a challenge with their signature product, Smart-Connect. As broadband lines improved, leased lines became more affordable, and new technologies became available, the customer desired an alternative solution that could support larger enterprise customers. Managed services are a commoditized market, and Southern Communications needed a way to differentiate their offering from its competitors. The new solution needed to support a wide range of connectivity options, allow for redundancy at each site, have the ability to assign priority to business-critical application traffic, provide visualization tools and reports, offer next-generation security, and have centralized management.

Rösler, a leading player in the mechanical surface finishing sector, was facing challenges with its IT security. The company had been using several firewall systems in its branches, all of which had to be separately managed and maintained. This made determining the IT security status of the entire network either rarely possible or extremely time-consuming. Tasks like updates or the securing of individual firewalls were also very time-consuming. Most firewalls in the individual branches could not be regularly monitored due to time constraints. This meant that settings and administrative activities were not being monitored on an ongoing basis, daily compliance checks were not being carried out, and configuration errors and potential security risks were not immediately being noticed. It was therefore imperative for the IT department to improve network transparency and to guarantee the simplest possible management process.

St. Benedict Preparatory School faced a challenge in maintaining a safe and productive educational environment. The school needed to prevent students from accessing inappropriate or distracting web content through classroom technology. However, stringent policies could hinder faculty and staff from performing their duties effectively. The existing firewall/router combo solution was unable to filter web addresses on a per-user basis, which was necessary for the school's unique needs. Additionally, the school needed a solution that could protect students and staff even when they were off-premises.

The power distributor provides energy to five power companies across an Indian state with a population of more than 25 million people. Managing the state’s power also means securing the personal and financial data of individuals and business customers. The company manages customer bill pay, consumer feedback, and more—which means that it acquires a sizeable amount of data, from customer names and contact information to invoicing details and power usage trends. In the wrong hands, this data can potentially be used to commit fraud or theft. While the company’s data stores increase, India’s attitude toward data protection is evolving. In August 2017, the country’s Supreme Court ruled privacy was a fundamental human right, spurring work on a nationwide personal data protection bill. While that bill has not yet been enacted, businesses see increased regulation of private data on the horizon and know they will likely need strong regulatory compliance processes very soon. The power company first engaged Forcepoint after reaching an impasse with a web security solution that wasn’t effective or flexible enough to meet its needs. The incumbent web security solution would bypass the URL filter, allowing users to access unauthorized sites. Separate URL filtering and web proxy point products caused a second challenge: the products were meant to work together but dependencies between them meant upgrades to one product would cause the other product to stop working—leading to support and management issues. In addition to these functionality and integration issues, the security product’s category database was less than comprehensive, with multiple categories missing. And a complex update process made it difficult to revise.

The global telecommunications enterprise was in a race against time and competitors to secure a significant market share in the 5G technology. The company was under constant pressure to innovate, share information, and move quickly. However, the company was fined for a breach of customer data that its existing DLP product neither prevented nor detected. The security team was under pressure to secure data and intellectual property without slowing down the business operations. The high level of competition in the industry meant that the enterprise leaned towards freeing the business with fewer data controls over completely shutting down data loss, even if that meant taking some risks.

Microland, a medium-sized enterprise in the computer services industry, was facing challenges in controlling and managing data that were subject to regulation. The company needed a solution that could effectively discover, control, and limit the usage of regulated data or sensitive intellectual property (IP), even when the data wasn't on the network. The solution also needed to provide visibility into data movement within the business and help prevent potential data breaches.

In the highly regulated world of investment banking, new communication channels like Skype and WhatsApp, and web forums like Investopedia, are raising the risk of widespread abuse, whether through insider trading, fraud, or leaks of sensitive company information. This bank’s operations and compliance leadership knew they needed a better way to stay close to trader conversations and safeguard the trading floor. The bank’s monitoring technology was obsolete and required a high level of manual intervention to identify and investigate potential compliance issues. With essentially just an email archiving system, investigators had to build lists of words indicative of insider trading activity and conduct manual searches within the archives to build cases.

The enterprise energy provider, serving tens of millions of customers, faced multiple external and internal vulnerabilities to both the power grid and their multi-pronged operations. The cyber threats faced by all companies—like data loss and fraud—come with the added complexity of protecting critical infrastructure. Breaches, downtime, and fraud can cause massive problems for both the enterprise and its customers, from loss of revenue and reputation to endangering human safety. Safeguarding sensitive customer information is always paramount; in this case, that includes a number of high-profile individuals whose home addresses or social security numbers make a tempting target for data thieves looking for a quick payday. Then, of course, there are the millions of dollars flowing through the company, including funds from the resale of renewable energy that could be fraudulently rerouted through altered direct deposit information. Finally, the company’s substations, not always managed by a human operator, run the risk of being taken over by an outside entity without the company knowing.

The Instituto FederaI de Educacao, Ciencia e Tecnologia of Sao Paulo (IFSP) faced a major challenge in ensuring the protection of its IT network and communication resources. This required maintaining the integrity, confidentiality, and availability of information regardless of where it is located and, above all, ensuring compliance with applicable government regulations. After suffering a number of injection-type attacks and system interruptions due to hardware and other bugs, the IT team decided to look at several NGFW (Next-Generation Firewall) options available in the market. IFSP also found that its former security solutions were a contributing factor in employees leaving the organization. Furthermore, it was important to implement a solution with the best TCO (total cost of ownership) as IFSP had a limited budget and wanted technology that would not require additional licensing and whose functionalities would not stop at the end of the license.

Davies Turner, a leading multimodal freight forwarding group in the UK, faced several challenges with its existing security solution. The nature of their business required employees to regularly use the web for work-related tasks, which posed a risk to the network. The company had different user requirements across several offices, necessitating a customizable solution. The HR team also needed increased insight and reporting on time spent online. The existing solution was not user-friendly and could not provide the depth of information needed as the company grew.

The Center for Army Analysis (CAA) was working with an infrastructure in which access to all Command, Control, Communications, Computers and Information Management (C4I) networks required each user to have four separate workstations and a Black Box KVM switch at their workspace. This resulted in duplication of hardware and massive power consumption. Another problem that CAA faced was a severe time degradation in moving classified information across multiple networks. This prevented the execution of critical Global War on Terror and warfighting analyses.

The international banking group was facing challenges in meeting SEC compliance regulations due to the increasing use of personal messaging channels and web forums by traders. The bank's existing monitoring technology was outdated and required a high level of manual intervention to identify and investigate potential compliance issues. The system was not covering the full spectrum of modern communication channels and offered no systematic ways to flag potential indicators of fraudulent behavior. These time-consuming investigations, a vast majority of them false positives, were costing the bank millions of dollars.

Copa Airlines was facing a challenge in providing better protection for its roaming users and distributed offices. The company was in need of a solution that could offer a full-featured policy set. Prior to choosing Forcepoint Secure Web Gateway, Copa Airlines evaluated other vendors including Zscaler and McAfee. The company was looking for a solution that offered efficacy, deployment flexibility, and ease of management.

FERCAM, a logistics company, was experiencing growth that necessitated the modernization of its technology resources. Internet access had become a crucial part of daily operations, and the company needed a more effective monitoring solution. The previous solution was plagued with issues such as weak performance, ineffective blacklist updating, and inadequate web traffic monitoring and analysis for 800 users. These inefficiencies led to a high number of IT tickets related to service issues or false positives.

Healthcare professionals at AZ Sint-Lucas Hospital required unfiltered access to websites to provide patients with the best possible outcome. This resulted in a substantial amount of unprotected data being sent and received via smartphones, tablets, or other devices. A study of user behavior discovered that staff visited more non-work-related websites than job-related sites, posing a serious risk for data loss or theft. The increasing number of spam complaints also required too much time from the IT team to handle.