Learn How a Team of Three De-Risked 100 Schools Across Scotland
Falkirk Council switches from a standalone, legacy endpoint security solution to Qualys Endpoint Protection powered by Qualys Enterprise TruRisk Platform to stop, investigate and hunt cyberattacks.
Local Government & Education Authority
55 Primary Schools, 9 High Schools, 35 remote offices
Founded in 1996, Falkirk Council uses Qualys Asset Inventory, VMDR, Patch Management, and the Endpoint Protection Platform (EPP) and Endpoint Detection and Response (EDR) modules to stop sophisticated threats such as ransomware and phishing, speed up incident response, and save time and resources.
Requirement
With 70% of the workforce working from home, a work-anytime-anywhere policy, and the growing risk of ransomware and zero-day attacks, Falkirk Council sought an advanced security solution providing proactive endpoint security capabilities.
We were leveraging an endpoint protection tool that lacked detection, response and investigation capabilities. This further slowed down our response to threats and attack root cause analysis. Another big problem was the lack of a single source of truth due to disjointed security tools.
A Thorough Evaluation of Endpoint Security Vendors
The company had many options when deciding on a new solution. Their current endpoint security vendor also offered an advanced solution with EDR. Other solutions that they evaluated required expensive managed services given the complexity of their solution. Qualys was also the incumbent, as the company was already leveraging it for asset inventory, vulnerability, and patch management. The company decided to try the Qualys Endpoint Protection solution. The proof-of-concept exercise was straightforward since the Qualys Cloud Agent was already deployed on the assets. The company was impressed by Qualys’ comprehensive Endpoint Protection consisting of multiple layers of prevention, phishing and ransomware protection, device control, and investigation and response capabilities.
Consolidating with Qualys
Falkirk Council was already realizing the power of automation and consolidation with the Qualys platform.
While many solutions offered endpoint protection and investigation capabilities, the main reason for selecting Qualys was that it is the only solution that offered fully featured asset inventory, vulnerability and patch management capabilities, and advanced endpoint protection with the same agent and console.
Qualys Solution
Qualys has detected and remediated malware on many student desktops. We regularly see phishing attempts and malware incidents automatically blocked by Qualys. The incident management capability has allowed us to understand the root cause of the attacks. Qualys’s threat hunting capability provides an extra layer of protection by giving us visibility into suspicious activities occurring in our environment. We plan to leverage this information to further enhance our security posture.
“With Qualys, we were able to sunset the legacy endpoint protection solution, consolidate our budget, and make our security teams more productive with a single pane of glass visibility and automation,” said Murat. “Work anytime, anywhere means you need to be able to remediate risk anytime, anywhere. Qualys has made it possible. From a productivity and efficiency standpoint, there’s tremendous value in consolidating on the Qualys platform.”
Most vendors could do only one or two of those things well, but Qualys does them all well. The integration of these functions not only provides us with the comprehensive visibility we sought through a single pane of glass but also enhances our security and grants us valuable insights into the root causes of attacks. Qualys Endpoint Protection automatically correlates malware events with vulnerabilities, misconfigurations, and patching data, allowing us to constantly improve our security posture and prevent future attacks.
Results
Automatic blocking and remediation of malware incidents, unwanted applications, and phishing attempts.
Visibility into suspicious activities and the ability to configure automatic response based on risk thresholds.
Continuous monitoring and elimination of asset and protection blind spots.
Comprehensive visibility of all devices including software inventory, potential vulnerabilities, patching status, and malware and suspicious activity.
Increase in team productivity and speed for addressing security and compliance issues and escalations.
Flexible dashboards make security and compliance reporting easy for appropriate stakeholders, including senior management, legal, and regulatory bodies, as data protection and privacy laws require.
Benefit
Enables automatic prevention of malware, zero-days, and ransomware attacks.
Consolidates five different tools into a single platform, simplifying operations for efficient threat management, monitoring, and response.
Proactive security minimizes the risk of oversight or gaps in security coverage.
Achieves 40%+ overall cost savings by eliminating the need for multiple licenses, training on various tools, and the manpower required to manage disparate systems.
Leaders have peace of mind that Falkirk Council endpoints are protected by cutting-edge technology and threat intelligence.
Investing in robust security tools coupled with skilled professionals is proving to be a game-changer, rendering the reliance on managed SOCs less critical.
Most of our end users are remote; migration was a concern, but the Qualys onboarding team assisted us in migration, and we were able to migrate to Qualys Endpoint Protection on 8,000 plus systems within 2-4 weeks.