Keeping company data secure can get tricky when collaborating with remote employees and contractors. Here’s how AdRoll, a marketing platform provider, addressed that issue using a cloud-based service.
Security risks are not new in business. Project managers and IT teams are continually tasked with addressing risks to safeguard sensitive information. Some primary risk-related concerns for businesses, stakeholders, and project teams center around unauthorized access, data loss, data breaches and privacy, mobile device usage, internal sabotage, and non-compliance. These security risks are often recognized and discussed in the realm of IT, but not necessarily linked to project planning, execution or monitoring and controlling of projects with security in mind.
AdRoll, a marketing platform solution provider with approximately 500 employees across six locations, works with 350 off-site contractors and has encountered some of these security issues, causing concern around project execution.
To overcome these issues, AdRoll made one key change. Adrian Dunne, global director of IT at AdRoll, connected his contractors and locations using a secure, cloud-based SD-WAN service called Cato Cloud, by Cato Networks. It provides a global, SLA-backed backbone that connects remote mobile workers and branch offices to corporate resources, such as cloud data centers.
Using the service, Dunne fixed his contractors’ latency problems by equipping them with Cato’s mobile client and letting them connect directly to the Cato Cloud. This meant traffic from the mobile users could be sent across the optimized backbone, not the general internet, and then directly to AWS not first being backhauled through the San Francisco office. Avoiding the office also reduced the congestion on the San Francisco internet line.The solution gave AdRoll better control over permissions when users connected via the VPN. Now Dunne could restrict access to his resources at a very granular level. “We can control what VPN access looks like for each of our contractors, sales people, and locations and that really spoke to us,” said Dunne. “Now there’s no concern about users getting into our routers.”
Here’s more about the specific risks the company experienced, and how they were resolved:
Contractors, access, and performance
Initially, internet performance was a problem for the company’s off-site contractors. AdRoll required contractors to connect through virtual private network (VPN) software to the company’s San Francisco firewall. Traffic bound for Amazon Web Services (AWS) and the internet was then sent out through a central connection to the public internet. Backhauling traffic through the San Francisco office created a chokepoint, adding latency to the mobile experience. It forced all of the mobile traffic through the company’s San Francisco Internet connection, ultimately saturating the line. There were also security issues as the VPN software required users be granted access to all network resources, not particular applications. For example, nothing prevented users who only needed the company’s web application from using secure socket shell (SSH) to connect to the company’s routers. “Traditional VPNs meant opening the door to everything,” says Dunne. The Cato Cloud solution allowed more specific permissions to be set, giving mobile users access only to necessary applications, and restricting them from critical company resources.
Configuring external mobile devices
One of AdRoll’s concerns for security was outsourcing and the use of personal equipment for project communications. More and more companies are outsourcing and taking advantage of external contractors. When working this way, companies lose some control over device security. Security issues can create a significant problems for businesses, causing project delays and forcing some team members to push off tasks while waiting for IT teams to troubleshoot.
Once AdRoll enlisted help, the company gained the ability to ensure mobile security, even when contractors were using their own devices. Once a user connects to the Cato Cloud, the user inherits all of the benefits of Cato’s security services. Even if a mobile user has malware on their device, features like an intrusion prevention system and a next-generation firewall can detect it and prevent its spread onto the corporate network.
Adding new mobile users was cumbersome with AdRoll’s existing VPN solution. This was particularly true for contractors whose machines were outside of AdRoll’s IT control. The IT team at AdRoll had to send instructions to remote users on how to configure their VPN clients, which Dunne said was a pain.
Cato allowed AdRoll to deliver mobile security even though contractors were using their own devices. Previously, secure mobile access was a challenge because onboarding was difficult and performance was so poor. “With Cato, onboarding users became much, much simpler,” said Dunne. They receive an email with a link, download the Cato Mobile client, and install. It’s a very consumer-like, familiar experience. In this way, regardless of the mobile device used by the contractor, AdRoll can provide secure access in a timely and efficient manner.
Businesses are increasingly recognizing the need to address security risks that may impact projects and are taking advantage of cloud-based security solutions to close existing gaps in their networks. Much can be learned from AdRoll’s project risk management strategies. By addressing issues with user access, performance, chokepoints and latency, mobile device configuration, and onboarding gaps, AdRoll was able to find the right cloud-based network solution to reduce their risks. The key was first recognizing and accepting their areas of weakness and taking quick corrective action to safeguard stakeholder information. There are other cloud security solution providers like Talari Networks, Cisco Meraki, and Riverbed Steel Connect that offer cloud-based network security to small, mid-size, and large enterprises.
Source: Tech Republic