Connect And Protect, and BankUnited Story
Created: 05 Aug 2009 | Updated: 09 Feb 2011
We are a financial institution headquartered in sunny South Florida. We are now a new charter and privately held bank. My role in the organization is that of Vice President, Information Security Manager. I have been with the bank for over four years. Our department is structured where we manage and maintain all the technology security layers as well as internal controls to meet regulatory requirements. Currently GLBA is our main driver for compliance.
Right from when I started with the bank, the Information Security and Information Technology departments were at arms over the then antivirus and client firewall suite. We were using SAV 8.x and 9.x as well as SCS firewall products. Every day, it just seemed to be one battle after the other. The Helpdesk kept receiving user complaints on slow machines, constant viruses and malware, machines freezing and crashing, etc. The Desktop team had issues with management, configuration, rollouts and inability to troubleshoot. Our department had no easy way to centrally manage the whole environment and we were really feeling the pressure to replace the solutions.
So basically the goal was to have the best-of-breed solution that was able to wipe out viruses and spyware/malware, have a robust firewall suite and proactive threat management and be able to have a single management console. A single agent was also a main driver because the finger pointing as to which product was causing issues always became our Achilles’ heel. Our team always had trouble pinpointing where the root cause lay and many times the product was removed from the computer without our authorization. Reporting was also a huge driver since we needed a complete and up-to-date view of the antivirus status for not only management but also, and more importantly, our auditors. Current reports did not show enough evidence as to the status of the enterprise and what were the risk factors and remaining remediation gaps.
The first strategy was to convince the IT folks that my department was up for the task and that relief was within sight. We aimed to ensure that both IT and IS were in alignment and sought to achieve the same goals. Management at that time did not have much confidence in the team and were being pressured by the business lines to resolve the issues. At the same time financially the end solution had to have a solid ROI as well as minimal capital investment. We looked at other products to determine benefits, impact to the bank, cost efficiencies, and lifecycle.
Early on, SEP was still just a concept. At that time Symantec had just bought the Sygate firewall suite. We had numerous discussions with our sales rep and engineers and I felt comfortable that Symantec understood the issues and they had a handle on it and the roadmap made sense. We chose to continue our relationship with Symantec and put our trust in their vision. Technically we knew that we just wanted a stable environment, easy to deploy and manage, ability to manage risks and report, and overall continuous market leading technology.
We upgraded the enterprise little by little to SAV 10.x, removed SCS and replaced it with Sygate. This helped to stabilize the environment but not so much the technical challenges. Actually we now had two management consoles to deal with. However we did improve on antivirus catch rate and clean-up and the firewall product was night and day from previous. This process took over a year and involved the effort of many folks which forced the teams to develop strong relationships.
By following the upgrade path we were able to minimize financial impact and business disruptions. We also agreed with Symantec to become an early beta tester of the SEP product. Symantec did not disappoint: a vast cast of reps and engineers were involved and helped us guide the process all the way through. We participated in a case study and all the teams involved were eager to see the final product. Early on we saw right away how this new product would alleviate our woes.
Technically the footprint was minimal, the performance gains on the computers were drastic, the antivirus/anti-spyware caught and cleaned thousands and thousands of threats in the enterprise that the previous product did not catch. The machines were stable without any compatibility issues and did not have any downtime. The management console was incredibly robust: broken into modules, easy to configure settings, easy to roll out, excellent policy organization, new threat protection behaves like a true HIPS solution. Super media access controls. You name it and this product just outshines the rest. Right now SEP is installed on all of our workstations and laptops as well as the server infrastructure. We use all the features and modules of SEP including the media access controls. Our Helpdesk and Desktop teams now barely have to deal with any issues regarding the software, viruses, spyware or threats. This product mostly runs itself.
The most important success story here is that the Information Security department has gained a great deal of respect due to the success of SEP. No one questions now what our guys are doing anymore. It helps to be able to speak to the Symantec products with Senior Management and no one has any negative feedback. We have had much success with Symantec over the past few years. We are a big proponent of Symantec and not only do we use SEP but also DLP, CCS, NetBackup, and Managed Services. Our strong relationship allows us to leverage the vast amount of Symantec resources, from reps, to product managers, to specialists and professional services, as well as the expert engineers. Symantec’s success directly translates to our success to meet IT requirements, the business lines, and also regulatory mandates and recommendations. A new Symantec South Florida Security Management and Compliance User Group has also been beneficial in spreading the word out to the local community on such great products. Not to mention I am a Co-director of this group.