
Case Study: A Multinational Oil and Gas Company


"Thanks to Seculert’s Platform, an attack that was already in progress was detected and stopped."
Company’s CSO

DESCRIPTION

One of the top ten energy producers with operations in over 50 countries

OVERVIEW

With today’s bring your own device (BYOD) momentum, employees, partners, and customers are accessing web portals, networks, and shared connections via personal devices that are not protected or monitored by a company’s IT security experts. With thousands of personal devices connecting to open wireless networks on a daily basis, the danger of a compromised network looms large.

LOCATION

United States

THE CHALLENGE

For a large energy sector enterprise, the risk of being unable to control and monitor the personal devices used by its employees to access corporate assets is of great concern. These devices create major vulnerabilities that cannot be controlled effectively. The company sought a tool with the following specifications to solve their problem:

- Enable employees to use their own devices without the need to install any agent or software
- No purchase of an additional on-premises device to be placed on the network
- Deploy quickly across multiple sites worldwide
- Avoid need for employees to bring devices to IT team for installation or install themselves
- Provide detailed forensics
- Supply timely intelligence so SOC and IR teams can act swiftly

THE SOLUTION

The enterprise decided to use Seculert’s cloud-based automated breach detection platform. During set-up, the enterprise’s IT security team entered all internal and external facing domains as well as web-based portals into Seculert’s system. Meanwhile, integration between Seculert’s cloud-based service and the enterprise’s MDM was established through the Seculert API by a member of the IT security team. This allowed the enterprise to block breached devices when identified by Seculert.

The total setup took less than ten minutes. The solution immediately identified a personal mobile device that was communicating from within the company’s network to known domains used by command and control servers. The MDM immediately blocked this device, and Seculert’s detailed forensics allowed the company’s IT security team to pinpoint the owner of the infected device and push instructions to their firewalls to block this employee’s access to critical assets and services (that he would normally have access to). This case was then escalated to the appropriate internal IT team that approached the user and cleaned the infected device. The user was then required to reset his passwords to all critical applications before the firewall restriction was removed.

THE BENEFITS

Thanks to Seculert’s Platform, an attack that was already in progress was detected and stopped. From that point on, the oil and gas enterprise was able to monitor their connections and traffic to immediately detect new infections. Since the Seculert Platform is device agnostic and cloud-based, it can discover compromised endpoints at headquarters and at satellite offices worldwide. Thus the company is able to reduce the risk that sensitive information and credentials are leaked through unprotected devices and is able to detect malicious activity of infected devices connecting to their web assets.

United States: 2880 Lakeside Drive, Ste 228, Santa Clara, CA 95054, Tel: +1 408 560 3400
Israel: 6 Efal Street, P.O. Box 3970, Petach Tikvah, IL 4952801, Tel: +972 3 919 3366
Toll Free (US/Canada): +1 855 732 8537, Tel (UK): +44 203 355 6444, Fax: +972 3 919 3636
www.seculert.com

COPYRIGHT © 2014