Kern School Federal Credit Union (KSFCU)

Background: Kern School Federal Credit Union, KSFCU is a full-service financial institution that was founded in 1938 by a small group of dedicated and concerned teachers who met for the purpose of organizing a Credit Union for the Kern County public school teachers. At the end of its first year of operations, KSFCU consisted of 141 members with $1,336.84 in assets. Two hundred dollars was the maximum loan amount a member could borrow at one time, with the interest rate being one percent. The dividend paid on savings during this era was three percent.

Today, KSFCU is in the top ten percent of the largest Credit Unions in the United States of America. With nearly 140,000 members and over $1.1 billion in assets, KSFCU is a leader in the financial services industry. Its staff of has grown to over five hundred employees at a number of conveniently located Kern County branches, all with the sole purpose of providing the best member service possible.

Challenges: KSFCU’s IT team faced a key challenge: enabling network access for contractors without jeopardizing the network’s security. For a financial institution, contractors like auditors and regulators accessing network resources are a fact of business. So are federal and state regulations, like the privacy provisions in the Graham-Leach-Bliley Act (GLBA). An assault upon the network’s security could have far-ranging effects beyond downtime and lost productivity: it could force the organization out of compliance with federal law.

With these requirements, KFSCU was concerned about threats, like a destructive worm being introduced into their environment and taking down KSFCU’s network. KSFCU searched for a network security solution that would stop worms and other threats from wreaking havoc, and that would increase user productivity and satisfaction without increasing the burden on IT.

KSFCU diligently reviewed the market, removing from its short list solutions that required costly and hard-to-manage implementation and administration. The company then chose Mirage’s endpoint control solution to enable it to easily and cost-effectively keep infected devices off its network.

Issues: In addition to KSFCU’s need to control day-zero threats coming from unmanaged contractor devices, other issues KSFCU faced included:

• Legacy equipment: the security solution had to be infrastructure-, OS- and device-agnostic to work with KSFCU’s in-place technology and processes
• IT bandwidth: the solution had to be effective without requiring IT to continually update signatures or deploy and update agent software
• Policy enforcement: the solution had to enable policy compliance checks of devices upon entry, to further decrease the likelihood of infected devices accessing the network
• Full-cycle threat detection: the solution had to be able to continually check devices for threats once network access is granted
• Mitigation that doesn’t affect “healthy” traffic: the solution had to offer targeted quarantining and mitigation options without interrupting the traffic of uninfected, policy-compliant devices

Solution provided by Mirage Networks: KSFCU utilizes the Mirage endpoint control solution to perform risk assessment on all contractor devices when they request access to the network. If a device fails the policy checks, it is quarantined and removed from the network to enable remediation. Once the device passes the checks and is admitted to the network, Mirage’s threat mitigation capabilities kick in, continually monitoring all network traffic from all network-attached endpoints, regardless of OS or device type, identifying and quarantining devices whose behavior indicates infection, and offering vulnerability scanning and threat mitigation functionality that decreases the users’ demand on IT while speeding their return to productivity.

“KSFCU’s problem is shared by many organizations: “outsiders” have to have access to “insider” data. Unfortunately, much of the network security technology available can’t check devices that are unknown or unmanaged – a potentially large hole in a network’s defense. Mirage is uniquely positioned to address KSFCU’s problem, by checking contractors’ devices, like laptops, as they enter the network and continuously monitoring their behavior while they’re on the network. This ensures KSFCU’s data is safe from threats carried by infected or out-of-policy devices.”

Greg Stock, senior vice president of sales, Mirage Networks

Summary: KSFCU now can provide the network access contractors need, safe in the knowledge that Mirage is providing automatic and continuous protection of the network from any infected or out-of-policy device. Not only does this protect confidential and mission-critical data, it ensures maximum network availability and employee productivity.

Mirage Networks
6801 N Capital of Texas Hwy
Bldg 2  Ste 200
Austin TX 78731 USA
Tel: 1-800-677-6969

Download the complete case study
From Info Security Products Guide site: CLICK HERE

Recommend this to others: