Not-for-profit organisations have security needs too
Not-for-profit organisations have something other than profit as their primary objective. Typically, they are funded through private and public donations, although they may generate income through some level of commercial activities. The types of organisations that are defined as not-for-profit include some medical organisations, charities, philanthropic organisations and non-governmental bodies.
Such laudable ambitions do not make not-for-profit organisations immune to security threats. Rather, they face the same level of threat from viruses, hackers, and inappropriate or offensive content as commercial companies. And some are even subject to the same level of regulatory compliance as commercial organisations.
But not-for-profit organisations are generally characterised by limited staffing levels and restricted budgets, which places an extra burden on those trying to keep a handle on security. This means that not-for-profit organisations tend to look especially for cost-effective security solutions, often looking not only for protection technology and services from just one vendor, but for an integrated hardware appliance that can be plugged in with little requirement for IT staff to be involved, and that provides protection from a range of security threats.
Two not-for-profit organisations in the US that have been faced with such issues are the Salvation Army and the Ottumna Regional Health Center. In both of these organisations, centralised IT resources act as service centres for geographically distributed teams. And both have selected Firebox integrated security appliances from security vendor WatchGuard.
One of the biggest problems that both organisations were facing was a steady stream of viruses and spam, which were badly impacting the quality of the internet services that they were providing. And, as distributed services centres, both organisations were looking to improve the security of their internet services so that confidential communications could more easily and more securely be exchanged among offices. In the case of Ottumna, this included billing and transcriptions services, whilst the Salvation Army was looking to share parts of its active directory databases. Both organisations had previously been using firewall technology, but had found the technology that they were using was not sufficiently advanced to cater to their needs.
But there were also significant differences in the problems that the two organisations were facing. In common with most commercial health organisations, the HIPAA (health insurance portability and accountability act) regulations are upfront in the minds of Ottumna Regional Health Center’s executives, requiring that higher standards of security be applied to the electronic storage and transmission of health information. In addition, Ottumna also needed its remote hospital locations to be able to review x-ray images over the internet – something that had been taking up to an hour over dial-up internet connections. In order to comply with the HIPAA requirements and to provide the high level of connectivity required for remotely viewing images, Ottumna was looking to implement an affordable security solution that would provide an integrated set of security capabilities, including firewall, VPN, application layer security, intrusion prevention, URL filtering and spam blocking capabilities, in a single appliance.
Although not subject to such regulations, the Salvation Army was also looking for technology to improve the security of its information flows among hundreds of highly autonomous sites within its organisation. In addition to this, it also provides after-school programmes for children, which requires that the children access its computer networks. For this, it is absolutely essential that the content provided is sound, with no possibility of children inadvertently seeing inappropriate content such as pornography or gambling. In order to cater to these needs, the Salvation Army was also looking for an affordable, integrated security appliance, offering in particular VPN, firewall, anti-virus, anti-spam and web content filtering technology.
Both Ottumna and the Salvation Army spent time evaluating technology from a number of vendors, but both felt that many solutions on the market were just too complicated. Instead, both organisations selected Firebox security appliances from technology vendor WatchGuard.
Mike Pearson, WAN and Security Administrator at the Salvation Army, states that WatchGuard’s Firebox appliances are the best on the market in terms of the low cost and the amount of security exploits that are blocked by default. He states that this is the opposite to many other appliances on the market, which have to be manually configured to block security exploits. In contrast, the default settings on WatchGuard Firebox appliances mean that little configuration is necessary, meaning that users in remote offices can set up the appliances and achieve security on their own, with just one phone call from Pearson. Because of this, he can manage the entire network, comprising 11 divisions, from his base in Michigan, which is a major bonus that enhances his ability to easily and cost effectively increase the security of the organisation’s communications mechanisms. Pearson estimates that close to 500 Firebox appliances have been set up throughout the network for which he is responsible, with around 100 having been added in the past year alone.
Ottumna Regional Health Center’s Network Administrator, Scott Garrett, has also increased the investment that the organisation has made in WatchGuard Firebox appliances. Having started in mid-2003 with two Firebox 2500 appliances, Garrett was very impressed with the real-time monitoring capabilities for Ottumna’s network and the reduction in the amount of viruses that were hitting the network. As a result, Garrett has since deployed a number of WatchGuard SOHO appliances and VPN tunnels to doctor’s, and has upgraded to the new Firebox X range of appliances owing to the high gigabit throughput that such appliances can handle. In particular, these are proving to be exceptionally useful in sending extremely large x-ray images around the network, which is critical in providing the advanced level of healthcare required. Over the two years that Garrett has been using WatchGuard technology, one thing that has particularly impressed him is the frequency with which the vendor brings out product upgrades, leading him to maintain and expand his allegiance to WatchGuard.
The Firebox appliances require a lot less maintenance than the firewall technology that Ottumna was previously using and user acceptance has been high. Cost savings have been seen in terms of productivity, but savings were also made in unexpected areas as Ottumna has been able to replace some of its other network security technology with the integrated Firebox appliance.
Garrett is particularly impressed with the expandability provided by the new line of Firebox X appliances, which allows companies to upgrade the product using a simple key. This has led to Ottumna turning on extra services, such as SpamScreen for handling junk mail and WebBlocker for filtering web content.
At the Salvation Army, they have recently expanded their use of security technology beyond the geographical network that Pearson looks after at his branch and have established a VPN connection with the organisation’s HQ in London, UK, so that active directory databases can be shared between the locations.
In terms of the benefits seen, Pearson can now see every single bit of information that enters or leaves the network and can block or open ports at will, depending on need. One of the biggest benefits for him has been that not only is security and connectivity assured, but productivity has been improved dramatically – for example, if someone needs a specific piece of software, this can be sent to them in just five seconds over a VPN connection, which was not possible before. In addition to the straightforward set up of the technology, another great benefit has been the ease of management and maintenance. Pearson runs the entire network from home and claims to rarely leave the house – except, of course, for vacations.
Overall, Pearson is pretty satisfied with WatchGuard’s technology and the level of service that they provide. He very much likes the fact that the Firebox appliances are highly secure out of the box. Even as a self-confessed admirer of Cisco technology, Pearson says implementing and managing WatchGuard technology is so easy that users are buying and deploying their own appliances, supported by just one telephone call from him. Try doing that with Cisco, says Pearson.