Setting PoliciesBy Chris Johnson | Posted 2010-06-28 Email Print
By upgrading its network security, US GreenFiber reduced energy costs by 14 cents an hour and realized significant space savings with the removal of unnecessary hardware.
In addition to deploying a consolidated security infrastructure, our IT and management teams developed internal policies to shape the way our employees use social networking as business tools. We developed policies that would protect against both internal and external security threats, such as data leakage.
To reassure employees who may have worried that IT was playing Big Brother, our IT department held lunch-and-learn sessions to communicate corporate, remote and plant policies. Open forum and e-mail communications to employees focused on how the policies are meant to protect business-critical data.
The application-control feature in our security appliances allows us to set policies to control who is permitted to use Web applications. Social networking sites are a business tool for our corporate employees, but Fortinet’s application-control functions ensure that unnecessary features such as MySpace or Facebook chat aren’t activated. Other social applications, including AOL Instant Messenger and Yahoo! Messenger, are allowed, but chats are stored and logged within the FortiAnalyzer appliance in case a situation arises that makes it necessary to review IM conversations.
Being able to allow and disallow specific parts of these social networking tools as needed is invaluable because it further protects us from possible threats. Application control is the one additional step our IT team is taking to protect GreenFiber from data leakage and other threats.
Evolving and New Threats
In the past year, our IT team deployed a private cloud on VMware’s vSphere to host many internal applications, including an internal Microsoft SharePoint site, Crystal Reports and Outlook WebAccess. We have been able to stop scores of attacks on these applications through Fortinet’s intrusion detection and prevention functions.
Fortinet data leakage prevention (DLP) technology has helped us secure the movement of confidential and sensitive company and personal information. Confidential data traversing through our network—including Social Security numbers and credit card information—is now protected. This helps us safeguard our customers and employees from having their data maliciously siphoned off by either external and internal threats.
Security affects all aspects of IT, even areas that people rarely consider, such as the help desk. A business help desk is the reactive department of an IT organization: The less they have to react to employee requests for assistance, the more operational the business as a whole is.
Because of our network security deployment, we have experienced a dramatic decrease in help desk calls regarding spam, malware, viruses and computer/network latency issues. Our help desk tracking software, Numara’s Track-IT!, shows that we have reduced help desk calls by about 32 percent. This is just one way our IT team measures the success of the security deployment at GreenFiber.
Our IT team is always looking for innovative techniques to secure the information of our business, our employees and our customers—and to thwart security threats that are evolving daily as cyber-criminals continue to get smarter and more malicious. We will “tiger team” our network infrastructure [test its security by attempting to defeat it] from time to time by means of social engineering, localize denial-of- service attacks on our test-bed cloud and explore exploitation frameworks such as Metasploit.
These efforts help our IT team defend against both external and internal threats, while achieving business objectives that help our bottom line. That approach will enable US GreenFiber to grow steadily and securely.
Chris Johnson, the senior system administrator for US GreenFiber, has more than 10 years of experience in the information technology field. Prior to joining US GreenFiber, he worked for Newell Rubbermaid, General Dynamics and Lead Technologies.