The Company
Since 1979, AETEA Information Technology has delivered high-quality IT staffing solutions, including contract, contract-to-hire, and direct hire to clients nationwide. AETEA customers include many of the Fortune 500, along with some of the most innovative, leading edge, technology-driven organizations in the world. AETEA is proud of its long-term relationships with both its clients and consultants, and its reputation for delivering outstanding results to all. The company firmly believes in providing top-notch talent that enables its clients to translate their IT investments into bottom-line business results.
The Situation
AETEA’s Director, Network Services Greg Starstrom operates as a one-man shop, responsible for security, servers, user machines, email, LAN/WAN connectivity, telco, and VOIP. This includes securing sensitive client information as well personal information for the company’s consultants.
When Greg embarked on a company-wide upgrade to Windows 10, he quickly learned that the incumbent antivirus (AV) software was not supported by the latest version of the ubiquitous operating system. He reached out to the incumbent AV vendor looking for a fix to his Windows 10 situation. The fix would require an AV upgrade to a newer, more expensive version. Greg determined that if an outright AV upgrade was required, he should also consider alternative endpoint security options.
Greg told us, “I had used the same AV for years. We relied on signature updates scheduled to occur overnight to keep pace with those released the day before. I always felt like our endpoint protection was a day behind. That changed with (BlackBerry) Cylance.”
The Process
As Greg began looking for an AV replacement, a professional acquaintance that serves clients in the federal market suggested he look at CylancePROTECT. One capability that immediately stood out for Greg was CylancePROTECT’s ability to block ransomware for machines both on and off the network.
He said, “For me, that is critical because if a machine gets infected, then loses its Internet connection — there is no way to get online and get the tools you need to recover.”
After seeing a demonstration of CylancePROTECT in action, Greg set up a test environment with a combination of 10 desktops and servers. He first tested CylancePROTECT’s ability to work with Windows 10. The second test involved the rollout to the remaining machines on his network using his KACE Kbox, a device that pushes client versus group policies. He installed CylancePROTECT onto new machines with no previous security activity or malicious artifacts – a clean environment. The goal was to see how the new endpoint security loaded and performed.
The Results:
Unlike the previous AV, CylancePROTECT delivers proactive, real-time protection without relying on signature updates. “We are not waiting on a fix, we have the fix,” Greg said. CylancePROTECT is now running on every device, including user machines, the Windows email server, application servers, and virtual environments. The system is set in auto quarantine mode to block attacks before they can execute on endpoints. Upstream filtering is performed by Google Messaging.
Greg noted that desktop performance is probably the biggest improvement. They no longer have AV running in the background, slowing systems down:
“A lot of my users complained that they would turn on their PC, and the AV would still be scanning even after they returned from getting coffee. We don’t have that with CylancePROTECT. No performance hit that I’ve noticed. And all those complaints would filter through me since I’m a one-man shop. They stopped.”
During the WannaCry ransomware outbreak, Greg said he was confident that CylancePROTECT would safeguard his environment in case of an attack. “I watched the console all weekend as the newscasts were talking about the attacks in Europe. I was watching for an attack, waiting to see CylancePROTECT catch it, kick it to the curb, and chew it up.” Fortunately, AETEA was not hit by WannaCry.
He added, “After that weekend, I had a level of confidence that I did not have with the previous AV vendor. A sense of confidence that I wasn’t going to be a victim.”
Summary:
INDUSTRY: IT Consulting Services
ENVIRONMENT: 80 desktops, servers, domain controllers, and VM devices safeguarded by CylancePROTECT®
CHALLENGES:
- Existing antivirus not supported by Windows 10
- Signature-based AV always outdated
- User machine performance impacted by AV running in the background
SOLUTION: Upgrade antivirus software to CylancePROTECT endpoint security.
Download the PDF version of this case study here.
