Case Study: Security Implementation for a Pharmaceutical Company

Transcription

1 Case Study: Security Implementation for a Pharmaceutical Company The Story Security Challenges and Analysis The Case The SmartPoint Guard Solution The Results

2 The Story About the Pharmaceutical Provider An international pharmaceutical company needed a way to protect their proprietary information and client data. To accomplish these goals, they needed to partner with a security company who could ensure both SOX compliance, ease of use, and robust security management. Quick Facts Serve over 100 markets, 41 biotech companies, 48 pharmaceutical companies 1,000 scientists 30 global sites 100 billion units produced annually 1,200 patents and patent applications Security Challenge Analysis Respond to threats in real time Needed perimeter protection for the financial information on their SAP. Wanted data center protection to ensure all the financials and other information flowing through their network were secure. Needed a solution that could detect, prevent, and analyze threats and attacks in real time. Maintain SOX Compliance Needed an easy-to-use tool they could use to report SOX compliance. Required a solution that could ensure they accurately proved compliance. Needed a solution that ensured they maintained federal, state, and industry compliance. Utilize External Security Team They wanted an external security team that could detect threats, analyze them, and protect against future threats.

3 SmartPoint Guard Security Solution Enterprise Vulnerability ScanningService (EVSS) Utilizes the security information portal, which evaluatesnetworks and performs diagnostics On-demand vulnerability scanning portal that identifies vulnerabilities efficiently and accurately, protecting critical network assets and intellectual property Can scan any of the following for threats: Firewalls IPS IDS Application servers Web servers Active Directory controllers servers Layer2 and Layer3 Switches Routers and gateways All networked workstations and peripherals Downloadexecutive summary and detailed reports after scans are complete to ensure compliance

4 SmartPoint Guard Security Solution Continued IDS/IPS Detects threats and creates security alerts Preventsbreaches from occurring Monitors the network in real-time, 24/7 Instantly notifies the security team if it identifies a hack or viable threat Generates reports and logs the security team can utilize to identify weaknesses in the network and repair them Log Management Aggregates logs from multiple services and devices. Stores logs safely and securely in a private cloud that only the company and security team can access. Reduces storage space needed for the company by storing all the logs on a secure cloud. Alerts customers to developing threats across the entire network. Maintains industry compliance without increasing network storage Provides additional insights into network flow and management reporting

5 SmartPoint Guard Security Solution Continued Security Information and Event Management(SIEM) Collects, analyzes, and correlates data to help better inform security decisions. Provides detailed reports that can be customized to meet any compliance standards. Responds to any threats in real-time so the security team can re-secure the network before any attacks occur.

6 Summary When a pharmaceutical company needed a security system to protect the large amounts of proprietary and private data they process a day, they partnered with SmartPoint Guard. By partnering with SmartPointGuard, the company was able to: Meet all SOX compliance requirements every year. Create customized audit reports to prove compliance and meet other audit standards. Ensure data processed on their network was safe from hackers with IPS/IDS solutions. Work with security specialists to improve overall security on their system by creating new policies and customizing reports for key stakeholders.