Getting to the (end) point

How can you manage what you can't see? Vistaprint gets a handle on endpoint profusion and security

Organizations sometimes rush to implement security solutions without taking the time to ensure that the products will work optimally in their environment, in hopes of dealing with immediate security shortfalls. But putting in the effort to meld new solutions with the existing infrastructure increases the likelihood of a successful deployment.

Vistaprint, an online provider of professional marketing products and services to more than 14 million micro businesses and consumers, had a lack of endpoint visibility that posed a security threat to the company.

Managers had no way of knowing on a global scale what devices--including desktops, servers, phones, mobile devices, printers, and networking devices--the company had on its network, says Nick Duda, senior lead information security engineer at Vistaprint.

[Also read BYOD keeps expanding and IT just has to deal with it]

The company wanted to have real-time visibility into the security posture of all devices on the network, including both physical and virtual machines, in order to tightly manage endpoint compliance. And they wanted to a way to deliver configuration changes and software installations to all company-owned devices via an agentless process.

"We needed a solution that could give us 100 percent total visibility without introducing any major infrastructure changes" or rely on clients or agents, Duda says.

VistaPrint deployed four CounterACT appliances and one virtual appliance from ForeScout Technologies Inc. to monitor 13 offices and about 15,000 devices. One of the advantages to the technology is that it easily fit into Vistaprint's environment.

"One of the primary challenges we needed to overcome was introducing a solution without any major infrastructure changes," Duda says.

"CounterACT is completely out-of-band, not in-line with any other technology."

This allowed the company to configure the device with an IP address and turn it on, providing immediate results. "With this kind of implementation we were able to quickly deploy CounterACT appliances globally, and have them all online giving us immediate results within days of flipping the switch on," Duda says.

There were hurdles to overcome, however. "One challenge was making sure all of our networking gear [such as switches] were properly configured to work with CounterACT to address our primary goal of achieving 100 percent total global endpoint visibility," Duda says. This required resources from the networking department.

Another challenge was showing immediate value of the technology to business executives in order to justify the investment. The security product "closed gaps in our infrastructure security that other solutions didn't, so we were able to show immediate value with CounterACT, and that was key to getting approval in the budgeting process," Duda says.

With the technology in place, Vistaprint now has accurate reporting on any endpoint device, as well as its security posture and whatever software is installed on the device. The company has reduced risk by more effectively enforcing corporate security requirements such as anti-virus software and data encryption, and it has improved ability to document compliance with PCI regulations.

Another benefit is reduced workload and resources for tasks that might otherwise take days or weeks to complete. "Within minutes we can write policies to search for all endpoints with a specific criterion and perform any action on them, without any scripting knowledge," Duda says.

"By reducing workload and resources this inherently saved the company money."

Join the CSO newsletter!

Error: Please check your email address.

Tags Vistaprintsecurity

More about ForeScout TechnologiesInc.

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Bob Violino

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts