DIGITAL GUARDIAN CASE STUDY
IP Protection, Secure Partner Collaboration and
$4 Million in Cost Savings
About The Customer
One of the largest natural gas producers in North America needed to share critical information with business partners, but was concerned about losing data. The company is constantly bidding for drilling rights and developing new technology to maximize its output. This information is valuable to the company and its competitors. Data needs are massive in this industry. Seismic testing data, multiple geological modeling applications, and custom software help to estimate the appropriate investment input and energy output from each property. This data is critical to the firm’s success, and its use and distribution is tightly controlled.
The Business Challenge
The energy industry includes hundreds of contractors and companies that provide specialized services to larger organizations. These business partners may assist in analysis, drilling operations, or legal matters, and therefore must access confidential data from their customers. The company had deployed multiple Citrix servers to allow its partners to access corporate data. While this provided access, it also allowed users to launch other network-capable applications, such as web browsers, and a sophisticated user could bypass controls to launch other software.
To control this ability and protect their sensitive data, the company’s internal application deployment team needed to customize each application published to Citrix for contractor use, costing hundreds of labor hours per application.
As an alternative, a split-farm deployment of Citrix was considered, but was determined to be cost prohibitive.
Critical Success Factors
- Streamline the process for partners to access data through Citrix servers
- Enforce appropriate use of data according to business workflows
- Gain visibility into where data resided, where it was used, and by which people or processes
- Allow simple access to data with appropriate privileges, while preventing critical data from being used improperly or stolen
- Enable privileged users in IT to perform upgrades and maintenance without compromising data security
Citrix was a logical technology for accessing the organization’s data, but only under three conditions:
- The use of other, unauthorized applications must be prohibited
- Users must only have access to data for which they had a legitimate business use
- Users must only be able to use the data in approved ways
Fortra™’s Digital Guardian® worked with its customer to document legitimate data flow models and build DG policies to support them. Context-based data awareness and content inspection features were used to identify and classify all data in the system. With Digital Guardian agents installed on virtualized Citrix desktops and servers, all policies were enforced at the endpoint. This allowed users and applications to use data freely, but only in authorized transactions. For example, users could move data to specific, approved drives, but attempts to move data to unapproved drives would be blocked.
The deployed solution was simple, manageable, and saved the company over $4 million in hardware, software, and physical security infrastructure. Digital Guardian allowed the company to monitor and manage a shared Citrix server farm without the added expense of customizing each application running on Citrix. Employees, contractors, and partners had access to the data they required, with full auditing and without risk of misuse. The company improved information sharing and user productivity while reducing risk.
About Digital Guardian
- Over 600 customers from across the globe
- Industries served: Business services, education, energy, financial services, government, healthcare, manufacturing, retail, technology
- Used by 7 of the top 10 patent holders
DISCOVERY AND CLASSIFICATION
- Endpoint, network, cloud and local data storage
- Content, context, and user classification
- Fully automated to fully manual classification
- Over 300 data types, over 90 languages
EDUCATE AND ENFORCE
- Monitor log, prompt, justification request
- Auto-encrypt, quarantine, move, block
- System, user, and data level event visibility
- Analytics that filter out the noise
- Drag and drop incident management
- Right click remediation in real time
OPERATION SYSTEM SUPPORT
- Full visibility, analytics and controls across multiple operating systems
- Managed Security Program