Protect your network against cybercriminals
With more people working remotely, the IT network is at the heart of your organization. How do you protect your network against the growing number of cyberattacks? Architectural firm B2Ai and accounting & audit firm Vandelanotte found a tailor-made security solution.
Architectural firm B2Ai was looking for extra protection against phishing
B2Ai has 140 employees spread over five offices . IT Manager Tom Van den Abeele: “The drawing tables are gone now. The entire company would come to a standstill if the IT systems were to go down.”
There is no end in sight to the number of cyberattacks. That played a role in B2Ai’s decision to invest in extra security. “We mainly noticed a clear uptick in the number of phishing e-mails,” explains Tom. “That’s one of the reasons we are investing in a new security system. We also have tons of connections to and from external parties, which includes the use of cloud applications. To secure all that traffic, a garden-variety solution wouldn’t cut it."
“Where we’re concerned, it’s essential for us to have developed an IT environment that’s as redundant as possible – now. Each office is connected to the Proximus Explore network. It’s also crucial for us to personally hold the reins over the IT security system,” Tom added.
CHECK POINT ENDPOINT PROTECTION
Proximus proposed that B2Ai start working with Check Point. Moreover, it seemed to make sense to implement the Check Point endpoint protection solution in tandem with the Check Point firewall. Tom: “In the past, everything ran over a single line to an external shared firewall. Now we have a small firewall at every location. If someone were to bring malware into one of our offices, say an infected USB key, the local security solution immediately jumps on it.”
TOM VAN DEN ABEELE
Graduated from Ghent University with a master’s in Information Sciences. He has worked as an IT manager for Cockerill Sambre and AZ Sint-Lucas, among others. He has been the acting IT manager at B2Ai since 2015. The architectural firm has 140 employees spread over five offices in Roeselare, Brussels, and Ghent.
“We can now guarantee the security of confidential information for projects commissioned by the government and international organizations."
Tom Van den Abeele, IT Manager at architectural firm B2Ai
Software-defined network for accounting & audit firm Vandelanotte
IT is indispensable in a company that provides entrepreneurs with advice. Vandelanotte’s first strategy was to roll out its own Citrix environment. That said, employees are increasingly working with cloud applications in practice.
A NEW REALITY
“We noticed that employees mainly used a browser in Citrix to access cloud applications such as Microsoft Office 365 and the Exact Online accounting software,” says IT Manager Bram Deprettere. That was Vandelanotte’s motivation for resuming work on its own devices.
To harmonize the network with this new reality, Proximus rolled out an SD-WAN network based on Cisco Meraki. The rollout was all done remotely so that despite the corona measures everything could proceed on schedule.
Bram has worked for over a decade in Vandelanotte's IT department. He has been the acting IT manager since 2018.
“The entire configuration took place via a dashboard,” Bram explained. “That dashboard gives us full control of the network. If we want to connect a new office to the network further down the line, only a Meraki appliance will need to be installed. Everything else can be done remotely.”
To optimally safeguard this confidential information, Proximus recommended implementing Cisco Umbrella DNS Security Advantage. “We've noticed the circulation of a lot more malware since the pandemic began. Cisco Umbrella protects us and our telecommuters from that.”
Accounting & audit firm Vandelanotte currently has 400 employees with offices in Bruges, Ghent, Aalst, Zele, Antwerp, Brussels, Doornik, and Rijsel, in addition to its Kortrijk headquarters.
"The SD-WAN configuration was done remotely so that despite the pandemic, everything could proceed on schedule."
Tom Van den Abeele, IT Manager at accounting & audit firm Vandelanotte
3 principles of zero-trust security
Conventional IT security has always assumed that everything is in principle OK. Security has focused on blocking malicious traffic. Today, new risks – for example the growing number of insider threats – require a different approach. Zero-trust security reverses the logic of security: everything is prohibited except what is explicitly allowed.
EVERYTHING IS SUSPICIOUS
All network traffic, all data streams, all communication, and so forth. This includes not only what comes from outside the network perimeter, but also all internal traffic. With zero-trust security, therefore, everything is prohibited except what is explicitly allowed.
STARTING FROM THE USER
Zero-trust security starts with segmentation, the splitting of the IT network into virtual parts. The user – an employee, a client, a supplier or a partner – can only move within such a microsegment of the IT environment. From there, they only have access to the applications for which they get user rights.
ALSO FOR SMALL ORGANIZATIONS
Small businesses still assume too often that they are not an interesting target for cybercriminals. The results of the Proximus Cybersecurity Survey makes clear that they are mistaken. The simple application of a few principles of zero-trust security can quickly make a big difference for those small organizations too.