Challenge
With 70 percent of the workforce working from home, work anytime anywhere policy, and the growing risk of ransomware and zero-day attacks, Falkirk Council sought an advanced security solution providing proactive endpoint security capabilities.
“We were leveraging an endpoint protection tool that lacked detection, response and investigation capabilities. This further slowed down our response to threats and attack root cause analysis. Another big problem was the lack of a single source of truth due to disjointed security tools,” said Murat Dilek, enterprise network & cybersecurity team leader at Falkirk Council.
Solution
The Council was already using Qualys for asset inventory, vulnerability, and patch management and decided to try Qualys Endpoint Protection solution as the Qualys Cloud Agent was already deployed on the assets.
With most end users working remotely, migration was a concern, but the Qualys onboarding team assisted Falkirk Council in migration, and it was able to migrate to Qualys Endpoint protection on 8,000 plus systems within 2-4 weeks.
“While many solutions offered endpoint protection and investigation capabilities, the main reason for selecting Qualys was it is the only solution that offered fully featured asset inventory, vulnerability and patch management capabilities, and advanced endpoint protection with the same agent and console,” said Dilek.
If you liked this content…
Newcastle City Council mitigates security risks of unsupported Java
Third of UK lacks confidence in government to keep their data safe
Digital defences: protecting public services against cyber threats
Local authorities given guidance for dealing with cyber threats
How local authorities can balance digital transformation with data protection
“The integration of these functions not only provides us with the comprehensive visibility we sought through a single pane of glass but also enhances our security and grants us valuable insights into the root causes of attacks. Qualys Endpoint Protection automatically correlates malware events with vulnerabilities and misconfigurations and patching data allowing us to constantly improve our security posture and prevent future attacks.”
Outcomes
Falkirk Council said it was able to sunset legacy endpoint protection solution, consolidate its budget, and make its security teams more productive with a single pane of glass visibility and automation.
“Work anytime, anywhere means you need to be able to remediate risk anytime, anywhere. Qualys has made it possible,” said Dilek.
Benefits include:
- Automatic blocking and remediation of malware incidents, unwanted applications, and phishing attempts.
- Visibility into suspicious activities and the ability to configure automatic response based on risk thresholds.
- Continuous monitoring and elimination of asset and protection blind spots.
- Comprehensive visibility of all devices including software inventory, potential vulnerabilities, patching status, and malware and suspicious activity.
- Increase in team productivity and speed for addressing security and compliance issue, and escalations.
- Flexible dashboards make security and compliance reporting easy for appropriate stakeholders, including senior management, legal, and regulatory bodies, as data protection and privacy laws require.
- Enables automatic prevention of malware, zero-days, and ransomware attacks.
- Consolidating five different tools into a single platform, simplifying operations for efficient threat management, monitoring, and responding.
- Proactive security minimises the risk of oversight or gaps in security coverage.
- Achieves 40 percent+ overall cost savings by eliminating the need for multiple licences, training on various tools, and the manpower required to manage disparate systems.
