Company Takes a Unified Approach to Fight MalwareBy Samuel Greengard | Posted 2016-03-25 Email Print
Know the Risk: Digital Transformation's Impact on Your Business-Critical Applications REGISTER >
HRI Properties, a real estate development and management firm, adopts a sophisticated, seven-layer approach to combat malware infections, including ransomware.
Over the last few years, cyber-security has risen to the top of enterprise concerns. It's impossible to operate a business—or make any major IT decision—without considering the security ramifications.
For HRI Properties, a New Orleans real estate development, construction management and property management firm that oversees 45 apartment buildings and 23 hotels, the challenges of coping with malware and other problems had become overwhelming.
"We did not have a centralized antivirus or anti-malware solution in place, and there was no standardization across the company," recalls Wayne Clement, Jr., the company's IT security analyst. Consequently, "Every time we wound up with an infected computer, the situation turned into chaos. People would run around trying to determine where the infection had occurred and how we could isolate it.
"Usually, we required two or three hours just to find the malware. Then we had to remediate the problem."
In some cases, the infections involved ransomware, which the company does not pay. Although HRI Properties had data backed up within a two-hour recovery time objective (RTO), the remediation process could involve hours and drain productivity.
"In some cases, people couldn't get work done until the problem was fixed," Clement states. In addition, the organization lacked robust reporting capabilities, including visibility into PCI compliance. "We knew we had to make some type of significant change and put a better solution in place," he says.
Security System Provides Seven Layers of Defense
In 2013, HRI Properties began searching for a better way to address enterprise security. After evaluating several vendors, it turned to endpoint security solution provider Comodo to introduce a unified platform that would work across the company.
The system, which went live in 2014, provides seven layers of defense: antivirus, firewall, Web URL filtering, host intrusion prevention, auto-sandbox, file reputation and virus scope. Clement says that the ability to sandbox unrecognized files has dramatically reduced malware infections, including ransomware.
"If something is sent to the sandbox, the system generates an alert that lets us check an MD5 hash of the file and compare it to identified malware," he says. "This gives us far greater confidence about our decision to trust or block the file."
Because Comodo automatically pushes an agent out to all computers, deploying the application is a simple, straightforward task. What's more, with the system installed across the company, the security team can now trust or block files globally. HRI Properties can then apply the policy across the company or to any set or subset of computers in the organization.
"We can limit it to a specific group or create specific permissions or rules," Clement explains. The company can also view every computer in the enterprise and see every piece of software installed on systems through a central dashboard. "We can run a scan, take a look at the report, find unauthorized software and remove it, if necessary."
Although the company faced a few challenges in making the transition—one of the biggest was removing toolbars and other software users had installed on their own—it gained buy-in after explaining the reasoning. More importantly, the endpoint security solution now delivers the protection the organization requires.
"We have the ability to centrally manage the network and endpoints," Clement says. "We are a lot less vulnerable to malware disruptions that impact the business.