Founded over a century ago, this Fortune 100 organization is a world-leading provider of financial services in the academic, research, medical, cultural and governmental fields. With $938 billion in combined assets under management with holdings in more than 50 countries, their IT processes require significant complexity to match the scale of their footprint.
It’s often the case that particularly large organizations run into difficulties running their security solutions seamlessly across global operations. It’s not enough to simply purchase the right security solution—but how does an organization that isn’t fluent in cybersecurity manage such a solution at scale on its own?
Challenge: Manual Change Control
This organization realized it needed a professionally-managed cybersecurity solution on the heels of a significant network outage that led to financial losses. The network outage was caused by an internal error resulting in a rogue configuration script. This rogue script was moving from device to device, changing the configurations of each device in its path.
It took them several days to figure out where the issue was stemming from because they didn’t have a way to see change. After experiencing an audit, it was decided that they did not have the detailed change control process in place that was necessary for keeping their data safe.
When the CIO caught wind of this issue, the decision was made to address their need for managed security configuration management (SCM). Without compensating controls alerting the organization of unauthorized changes, it was only a matter of time before a similar cybersecurity event occurred again. They then tasked their platform teams with building out manual lists of the files they were monitoring and quickly realized they couldn’t do it at scale.
Solution: Managed Security Services
Large institutions aren’t immune to the cybersecurity skills gap. Even with 17,500 employees, their security team isn’t big enough to run a robust change monitoring solution on their own. In addition to the headcount problem, cost was another important factor with hosting, hardware and maintenance across more than 7,000 connected systems to think about.
As a managed cybersecurity solution, Tripwire ExpertOps SCM, hosted by AWS, was the perfect fit for this challenge. Tripwire ExpertOps gives organizations all of the cybersecurity benefits of industry-leading SCM and file integrity monitoring (FIM), including a cloud-hosted infrastructure delivered in partnership with AWS, and the expertise of a dedicated Tripwire managed service engineer.
Tripwire ExpertOps allows organizations to quickly achieve and ensure cyber integrity across large heterogeneous environments instead of sinking time and resources into training and administering a tool themselves. With up to 16,000 endpoints to cover, this organization needed a trusted solution like Tripwire ExpertOps to handle its change management process seamlessly from day one.
Results: Professionally-Managed Change Monitoring
One of the biggest advantages Tripwire offered this organization was our proven track record —they knew we could support a very large, complex environment like theirs. The fact that Tripwire already had relationships with several of their partners gave them the confidence to rely on Tripwire for their SCM needs.
Beginning in June 2018, Tripwire went to work covering this organization's most critical servers and several thousand network devices. The Tripwire ExpertOps SCM team stepped up to answer all technical and due diligence questions right away. Thanks to being cloud-based, Tripwire ExpertOps SCM deploys much faster than on-prem solutions, which was another plus for the organization.
In addition to the peace of mind this organization gained in knowing that their change management solution was in good hands, Tripwire helped streamline their ticketing system by integrating with their existing ServiceNow solution.
Now that they have continuous compliance from Tripwire ExpertOps SCM, this financial giant can focus on what moves its business forward without worrying about change control.
Need Help Finding a Cybersecurity Solution?
Contact one of our product experts to find a solution that meets your security needs and reduces your business risk. Whether you have one or several initiatives to respond to, Tripwire ensures compliance, security, and flexible risk management solutions.