Firewalls are critical to securing and protecting your organization from cyber attacks. A firewall is like a castle wall; it keeps the enemy out and assists in repelling their varied and creative attacks. Today, we're going to look at an organization who had a firewall in place, but still had major risk due to several circumstances.
Note: Due to the security nature of this case study, we will be referring to the client as 'BTDT'.
BTDT struggled with their firewall - maintaining, adding new rules, and ultimately administering the unit. As their organization continued to grow, the need for increased and enhanced security kept pace.
With over three hundred internal staff not to mention a thousand external users, the need to appropriately manage their firewall was a MUST, but BTDT struggled to find an organization that would support them. It was a Cisco system that was EoL (end-of-life). They couldn’t find good support, and Cisco was telling them they needed to pitch perfectly good hardware and buy all new.
By keeping this system in place, BTDT, had a large organizational risk. The risk involved everything from hacking, breaches and a large amount of frustration within their team. No one on the BTDT team knew their equipment and was relying on the fact that it would just 'hopefully' work.
$$$Saved every month
When CCI came to assist BTDT with their firewall struggles, we started off with a conversation. We needed to know what their current pain points were, their goals and aspirations. Once that was done, we were able to create a plan with a straight line, starting at removing the pain points and finishing squarely in the goals section.
The plan summary included replacing their current Cisco firewall with a new, but alternate brand unit (for security reasons, we won’t list what was installed). Distribution of new software, and simplification of multiple internal items. (Yes, that is all very generic but we are keeping this extremely high level for client confidentiality reasons.)
They were excited about the easier management and cost savings they would recognize in this process.
After lots of planning, both internally and with BTDT - our team installed the new firewall and software suite over a weekend. After much testing, we confirmed that all rules and packet flow were working with the goal of no major surprises when the office doors opened. Monday, when the BTDT team came into work, the system was purring happily along. We spent time on-site running down a few small issues, training and familiarizing their team with the new infrastructure.
The new system saved BTDT a large amount of time and money. Administration was easier, configuration was easier, remote access was easier – total win!
With better management comes higher security. Bruce Schneier, “Complexity is the enemy of security.” Having a system that internal staff can understand and oversee greatly increases the security posture of the company.
Summary – CCI walked away from the engagement with a stable system running behind us. Staff was happy and able to take the reigns. While we were willing to continue oversight, BTDT wanted complete ownership at the conclusion – not a problem. Their perimeter was simplified, security enhanced, cost lowered and staff empowered.
A month after writing the above, this organization went completely offsite due to Covid-19. Completely unsolicited, we received the following email from the IT Director of BTDT.
"Just wanted to say thanks. We cleared out most folks from BTDT, they are working from home. The new firewall has made a huge difference. Not sure we could have done it with the old cisco system. We had 78 VPN users at the peak. Backups are offsite. All went really well. Thanks for partnering with us and preparing us to absorb the unexpected."