Netwrix

DXC Technology, a global technology company, was facing a significant challenge with its client's dependence on a legacy tool for continuous PCI compliance. The situation was further complicated by the need for manual checks and a lack of oversight into unauthorized changes in the IT environment. The existing implementation with a competitor was not meeting the client's needs, and the lack of transparency into what they were monitoring made achieving effective PCI DSS compliance difficult. This situation was consuming a significant amount of time from the IT teams, preventing them from focusing on more strategic initiatives. As a result, DXC Technology began to evaluate other solutions that could streamline and simplify the PCI compliance process.

PayPoint, a company that processes billions of dollars’ worth of payments each year, recognized the critical need to protect large volumes of sensitive data and improve their IT environment due to a changing threat landscape and regulatory environment. They also faced the challenge of a cybersecurity skills shortage, a common issue in their industry. PayPoint was required to adhere to PCI DSS compliance, which mandates organizations to ensure that various file tracking and monitoring systems are in place. They already had a File Integrity Monitoring (FIM) solution, but as they were going through an IT transformation, they needed to increase their FIM services, which would have significantly increased their costs. Increasing FIM services with PayPoint’s previous provider was problematic due to the high costs associated with processing client transactions.

Mott MacDonald, a global engineering, management, and development consultancy, faced a significant challenge in enhancing data management processes across their SharePoint infrastructure. The company aimed to encourage knowledge sharing among its 16,000 employees spread across 150 countries. The task was to automate the discovery, classification, and tagging of tens of thousands of files to enable fast search and provide better service and long-lasting value to customers. The challenge was not only to streamline the data management process but also to ensure that the solution could handle the vast amount of data generated by the company and its employees.

Lake Michigan Credit Union was faced with the challenge of improving compliance with security protocols in line with federal regulations such as those set by the FDIC. A key requirement was to maintain a comprehensive record of changes made to Active Directory. The credit union also needed to detect and prevent malicious activity across critical systems to avoid security breaches or business downtime. The process of providing auditors with the necessary information was time-consuming, often taking several hours to locate the requested data.

Landspitali University Hospital was faced with the challenge of improving the security of patients’ and employees’ Personally Identifiable Information (PII) and Protected Health Information (PHI) to comply with the General Data Protection Regulation (GDPR) and the Icelandic Data Protection Act. This included ensuring that only authorized staff could access this data. The hospital also needed to secure other sensitive information, such as contracts, medical devices, and research documents, which was crucial for retaining the hospital’s research licenses and ensuring uninterrupted patient care. The hospital had to control 8,500 user objects daily, and the auditing process was time-consuming, taking up to 59 hours per audit.

Mission Capital Advisors, a boutique investment bank, faced a significant challenge in proving its reliability to clients by successfully passing at least two audits per month. The company needed to secure personally identifiable information (PII) and financial data of its customers, which was a critical requirement given the sensitive nature of the financial services industry. Additionally, the company sought to gain a better understanding of how users interacted with sensitive data and monitor their activity to prevent misuse. The challenge was not only to secure the data but also to ensure that the access permissions of employees did not exceed their job functions, thereby reducing the risk of data being overexposed or mishandled.

Progress Residential®, one of the largest providers of high-quality, single-family rental homes in the U.S., faced several challenges related to the security and availability of Exchange Online. The company needed to detect rogue actors before a data breach could occur and ensure readiness for Office of the Comptroller of the Currency (OCC) audits in a timely manner. The challenge was to maintain the security of their Exchange Online system, detect any suspicious activities, and prepare for audits faster. The company needed a solution that could provide clear insights into activity across Exchange Online, such as changes to user properties, group permissions, server rules, and mailbox access attempts.

Lockheed Martin, a contractor/subcontractor of the Department of Defense (DoD), was required to comply with 110 security controls defined in NIST Special Publication 800-171, with a focus on network access and administrator privileges. The company needed to establish a company-wide program to meet the DoD requirements under (DFARS) 252.204-7012. The challenge was to find a highly scalable solution that could integrate multi-factor authentication (MFA) and dynamic privileged access, meet compliance requirements, and minimize impact on ongoing operations. Existing password vault solutions did not provide dynamic privileged access, and building an in-house solution was deemed expensive and time-consuming.

PAL, a leading manufacturer of woodworking machinery, faced a significant challenge in securing their sensitive data and intellectual property. The company relied heavily on Windows file servers, Exchange Online, and SharePoint systems to store and process this data. They also employed third-party developers to support their ERP system, which required close monitoring to prevent any abuse of privileges or incorrect changes that could disrupt operations. The existing two-person IT team had been using manual log monitoring to identify security issues and conduct audits. However, this process was inefficient, cumbersome, and often delivered inaccurate results, leaving them unable to promptly detect incidents. The need for a more efficient and accurate system to audit their critical systems and ensure the accountability of contractors was evident.

The Pennsylvania (PA) Office of Attorney General was facing a significant challenge in managing more than 1,000 accounts and hundreds of groups manually. As the organization grew, the IT staff was overwhelmed with the increasing workload of account maintenance. The integration with various versions of MS Exchange was mandatory, with the office utilizing MS Exchange 2003 for approximately 90% of its systems and MS Exchange 2007 for the remainder. The new solution needed to maintain the strict security standards of the governmental entity and not overexpose personal information. The IT team, already busy with other tasks, required a solution that would not be time-consuming in terms of deployment and learning curve. Ideally, the solution would allow end users to self-service and update directory information on their own, relieving the IT team of this responsibility.

4sinfosec, a managed service provider (MSP), was tasked with assisting a US-based insurance company with 500 employees in recovering from a ransomware infection. The infection had spread from the insurance company's parent company, which had 50,000 employees, due to domain trusts and network integration. The ransomware had encrypted 80% of the insurance company’s servers, rendering all services completely down. The parent company was even more severely affected, with 100% of its servers infected. The challenge was to assess the damage and restore the client's operations as quickly as possible.

API Bank, a small financial institution based in Serbia, was faced with the challenge of complying with the stringent requirements set by the National Bank of Serbia. These requirements included the Decision on Minimum Information System Management Standards for Financial Institutions and the Law on Information Security, both of which are based on the ISO 27001 standard. The bank also needed to detect potentially malicious activities before they could jeopardize cybersecurity. This included suspicious attempts to access the bank’s Oracle databases, VMware-based virtual infrastructure, and network devices, including VPN concentrators.

Bank of Botetourt's IT team was facing significant challenges in managing their Active Directory and VMware systems. They were unable to promptly identify and address security violations, leading to potential disruptions in operations. The bank relied on Managed Security Service Providers (MSSPs) to provide reports on the health of the IT environment and any changes that had occurred. However, these reports were lengthy and complex, rendering them virtually useless for the IT team. The inability to quickly and accurately identify security risks and operational changes was a significant challenge for the bank, impacting their ability to ensure secure and uninterrupted operations.

Carmody Torrance Sandak & Hennessey, a U.S. law firm, was facing challenges in securing large amounts of sensitive client data, including personal information, financial statements, and business agreements. The IT director was seeking a solution to automate the monitoring of user activity across file servers. The existing document management system had auditing gaps and failed to provide detailed information necessary for detecting unusual user behavior and other data threats. The firm also needed to avoid service outages and ensure the IT staff performed their duties effectively. This required automated change and configuration auditing for Active Directory.

Cellular One, a telecommunications company, was faced with the challenge of maintaining the security of its corporate IT environment and the large amount of business-sensitive data it contains, which includes financial, customer and HR records. The company needed to streamline user behavior monitoring across the distributed IT environment of one central corporate location and 12 remote sites. The IT team of 4 people was tasked with the responsibility to proactively mitigate cyber threats and to validate security policies within the entire IT infrastructure. The challenge was not only to protect the 50TB of sensitive data but also to save time on security monitoring.

Christchurch Airport, a major transportation hub in New Zealand, faced a significant challenge in managing its IT environment. The airport's IT team needed to closely monitor activity and changes in Active Directory, a backbone system that provides authorization and authentication for many critical services. The airport is subject to Payment Card Industry Data Security Standard (PCI DSS), which necessitates regular audits of the IT environment. To comply with this requirement, the IT team needed to automate auditing across its network devices, including routers, firewalls, and switches. The challenge was to complete this task accurately and efficiently, promptly detect and investigate issues, and ensure compliance with PCI DSS.

The City of Plano was facing a significant challenge in managing and securing regulated data across various platforms including SharePoint, Office 365, OneDrive for Business, and Nutanix Files. The manual process of locating regulated data such as Criminal Justice Information (CJI), Protected Health Information (PHI), and credit card numbers was not only time-consuming but also ineffective. The lack of insights into this data was a major hindrance for the IT group in reducing the risk of a data breach. The city's native tools were unable to provide an accurate audit trail for CJIS, PCI DSS, and HIPAA audits, and there was insufficient funding to support the manual audit preparation workload. Additionally, the IT group was keen on generating more detailed audit reports to apply for a Department of Homeland Security grant aimed at protecting city governments against cyberattacks.

CoastHills Credit Union was faced with the challenge of ensuring the security and confidentiality of their member's information. The credit union needed a solution that would allow them to quickly identify and investigate potential security violations. Additionally, they were required to meet the National Credit Union Administration (NCUA) requirements for regular auditing of their IT environment. The challenge was not only to maintain the security of sensitive data but also to ensure its accessibility for their members. The credit union was also looking for ways to avoid compliance failure and to save valuable time spent on regular auditing procedures.

Cheshire County Government in New Hampshire was facing a significant challenge in managing and securing a large amount of sensitive and regulated information, including criminal justice data, financial information, Social Security numbers, and personal health information. The five-person IT team found it impossible to manually comb through audit logs to ensure that this data was stored securely and handled in accordance with HIPAA and CJIS requirements. The IT director was also aware of the increasing risk of ransomware attacks targeted at local governments and wanted to ensure the availability and security of the data stored by the county. This required quick detection of anomalous activity in any file server. Furthermore, the IT team needed to be able to quickly resolve issues, such as a file being improperly deleted or moved. However, investigating these problems was difficult and time-consuming.

Credissimo, a leading European FinTech Group, faced the challenge of securing the financial and personal data of its employees and customers. The company needed to pass annual financial audits and confirm compliance with the General Data Protection Regulation (GDPR) and ISO/IEC 27001. The task was complex and time-consuming, requiring a week to generate reports on security controls. The challenge was further compounded when GDPR came into effect, necessitating the hiring of a data protection officer (DPO) and the need for daily activity reports on changes to security group memberships and logons outside business hours.

Crutchfield, a North American retailer specializing in electronics, faced a significant challenge in its IT Services department. The team was tasked with enabling internal users to satisfy customers, which often involved requests for applications like the Firefox browser. However, ensuring the software was set up correctly and kept updated to meet security requirements was a labor-intensive process. Additionally, the team needed a more efficient way to control updates and enforce the company’s proxy policy. The manual approaches they were using, such as editing the config file, were not scalable, leading to inefficiencies and potential security risks.

Day Pitney, a full-service law firm, faced a significant challenge in securing a vast amount of proprietary and client data. The firm needed to gain full control over activity across its IT infrastructure, with a particular focus on file shares containing sensitive content. The challenge was not only to protect the data but also to demonstrate the reliability of internal controls during regular audits conducted by clients. The firm needed a solution that could provide continuous discovery of sensitive data, better control over user privileges, and visibility into IT risks.

Eastern Carver County Schools, a large educational institution with over 9,300 students and 2,000 employees, faced significant challenges in maintaining the security of their IT systems. Recent audits and penetration tests revealed weaknesses in their IT security, particularly the over-provisioning of privileged access. This allowed a Red Team to gain access to critical systems consistently. System administrators had privileges attached to their accounts, and traditional strategies such as the 'A' accounts still left accounts with privileges that could be misused. The school was not prepared to invest in complex, expensive projects due to limited IT staff, which further complicated the situation.

Enjoy.ing, a software engineering company, faced a significant challenge in consolidating the audit trail across its hybrid infrastructure. The company aimed to improve control and prepare for future GDPR and ISO 27001 compliance. Additionally, they needed to troubleshoot incidents more efficiently to maintain business continuity for all three of their development centers. The challenge was to find a solution that could provide a comprehensive overview of activity across critical on-premises and cloud systems in a readable format, and also alert the IT team to the most critical events that could put business operations and security at risk.

First National Bank Minnesota (FNB MN) faced a significant challenge in rebuilding its Active Directory to reduce its complexity and improve security. The bank needed to secure the sensitive financial data of its customers, such as income verification, Social Security numbers, and employment history. This was crucial to mitigate the risk of data breaches. The challenge was further compounded by the fact that the bank had recently merged with another bank, adding to the complexity of the Active Directory. The bank was looking for a solution that could help it clean up its Active Directory and secure its sensitive data efficiently and effectively.

Flagler Bank was facing a significant challenge in managing its IT risk profile due to a lack of insights into its IT operations. The bank's proprietary and customer data were at unnecessary risk due to this lack of visibility. The IT department, consisting of only one person, was unable to manually monitor activity across the enterprise, leading to the potential overlooking of critical events that could result in security incidents or downtime. Furthermore, the time-consuming process of investigating common user issues was diverting resources away from more strategic technology projects.

Grand Lake Casino, subject to several regulations including PCI DSS and MICS, was struggling with the tedious process of auditing through Microsoft Event Viewer, which did not provide sufficient information to satisfy audit requests. The IT manager was particularly concerned about the risk of unauthorized insider activity and privilege abuse by third-party contractors and IT members. With no visibility into user activities across the IT environment, the manager was unable to promptly spot and respond to incidents. The casino, which stores a variety of sensitive data, was particularly concerned about control over file servers. The IT manager wanted to monitor how employees handle sensitive data and detect potential issues before they escalate into security incidents or compliance violations.

Horizon Leisure Centres, a not-for-profit organization operating premier leisure centres in the UK, faced a significant challenge in complying with the General Data Protection Regulation (GDPR). The organization needed to identify and classify the data stored across more than 500,000 folders and subfolders and protect it in accordance with GDPR requirements. This was a daunting task, as the organization also had to be ready to satisfy requests from data subjects, such as processing restrictions and erasures. The challenge was not only to avoid penalties for non-compliance but also to ensure that the sensitive data was secure and only accessible to management.

Hull College, a large educational institution with over 15,000 students enrolled each year, faced a significant challenge in managing and securing the millions of files containing students' personal information. The college needed to meet GDPR data retention requirements, which required full visibility into all these files and enforcement of appropriate retention periods. The IT team sought to automate the data discovery and classification processes to ensure accuracy and avoid disrupting other IT projects. Additionally, the college needed to promptly address data subject access requests (DSARs). Given the vast number of files, manual search for regulated information was impractical, necessitating automation. The IT team also aimed to monitor unusual activities and receive alerts for potentially harmful ones, such as privilege escalation, attempts to access financial or HR data, and suspicious file deletions.

IDB Bank, a New York-based private and commercial bank, faced a significant challenge in securing customer data and ensuring compliance in an increasingly digital and threat-prone banking environment. The banking sector is a prime target for cybercriminals due to the sensitive and valuable data it holds. Any compromise to this data can severely impact a bank's reputation and customer loyalty. The emergence of progressive digital technologies and their associated security risks further complicate data protection in the banking sector. David Smithers, CIO at IDB Bank, was tasked with transforming the organization into the 'bank of the future' over a five-year period. This transformation presented a major security challenge. To address this, IDB Bank conducted a thorough market and technical review to evaluate potential solutions in the System, File Integrity Monitoring, and Change Control space.

Insight Credit Union was faced with the challenge of securing various types of confidential data stored on their file servers. The credit union needed a solution that could detect anomalous activity that could potentially lead to a security breach. Additionally, they needed a system that could accelerate the investigation and remediation of incidents and operational issues. The challenge was to find a solution that could provide real-time alerts on suspicious activities, identify high-risk accounts, and mitigate potential ransomware attacks.