Gateway Bank Moves to McAfee to Bolster Security While Slashing Administration Costs

Gateway Bank provides a complete range of personal and business banking services for 70,000 customers in North Carolina, Virginia, and Maryland. Three banks recently merged to form today’s Gateway, with $2.7 billion in assets, and over 700 employees.

Legacy security software drags down IT effectiveness
Gateway considers its IT staff members to be among its most valuable people resources because of all the help they can provide throughout the organization. One of their most valuable contributions, the company knows, is to work with business users to find ways to improve their productivity through better use of technology.

However, back in 2005, the IT team had too little time to focus on those business requirements because basic security management was consuming too much time. Gateway’s security software came from the same vendor but required administration across multiple modules. Monitoring desktops, laptops, servers, and networks was a substantial drain on the IT team. In addition, the bank had to provide training on all of those siloed products and consoles for new employees. Many routine tasks, such as checking for Sarbanes-Oxley (SOX) and PCI DSS compliance, required significant human involvement. Deploying applications onto new computers in the network was especially labor-intensive. The software did not even provide automatic alerts after it found a virus on the network; instead, administrators had to manually look for it—which was a time-consuming and cumbersome process.

Obtaining support also took a great deal of time because the technology vendor had outsourced its Help Desk to a company whose personnel did not have adequate English speaking skills. Gateway administrators often had to ask questions two or three times. “The situation was extremely stressful for both parties,” says Bobby Umphlett, vice president and director of information technology for the bank. “Communication was challenging and not efficient for both groups involved. This made support issues much more complex.”

Collectively, these problems posed a substantial burden on the small staff. “Security is the first concern on our executives’ minds when it comes to IT,” says Umphlett. “As an organization, we needed better, more scalable security. And most importantly we needed to reduce the amount of administration required to obtain it.”

“We had one incident that totally convinced me we needed something better,” illustrated Umphlett. “The software had a bad update that made half our PCs think they had new hardware installed, which caused their users to issue tickets into our IT tracking system. The vendor was taking its time issuing a fix, but we could not wait and so we in IT had to manually apply fixes to over one hundred infected machines. We had them all operational by the time the vendor finally issued a fix a week and a half later, which to me was totally unacceptable.”

Single-console management from McAfee eases the load
Performance degradation was yet another problem with the legacy software, one of the many areas where McAfee stands in sharp contrast according to Umphlett: “Our users were constantly frustrated trying to run big applications on computers that were bogged down by their security software. With McAfee’s approach, we realized that we could avoid user frustration, more easily secure our network and email, and achieve compliance from federal, state, and internal audit standpoints. Best of all, we realized we could do it all from a single, central hub that a person needs to learn just once no matter what kind of security is being implemented.”

"With McAfee’s approach, we realized that we could avoid user frustration, more easily secure our network and email, and achieve compliance from federal, state, and internal audit standpoints."

Bobby Umphlett
Vice President and Director of Information Technology Gateway Bank

McAfee ePO software simplifies wholesale conversion to McAfee
Gateway began by securing its endpoints and incoming email with the McAfee Endpoint Protection—Advanced suite, in particular its McAfee ePO software, McAfee VirusScan Enterprise, and McAfee Security for Email Servers components. The bank followed by protecting the confidential data it maintains about customers via the McAfee Host Data Loss Prevention component of the McAfee Total Protection for Data suite.

This was a full-scale swap out and Gateway was fully expecting set-backs and challenges in their deployment. “To our surprise, implementation was very straightforward,” Umphlett reports. “McAfee ePO not only automated installation of the McAfee products, but made it easy to decommission and remove the previous products.”

VirusScan Enterprise provides 100 percent protection against tens of thousands of virus threats
McAfee VirusScan Enterprise and McAfee Security for Email Servers have delivered in full on Gateway’s expectations for top quality anti-virus protection with minimal administration. “In our last six months we have had 62,077 threat events but not a single virus outbreak,” exemplifies Umphlett. “If VirusScan Enterprise ever does find a virus on the network, it immediately and automatically issues an email saying so, unlike the previous tool where we almost had to stumble over the virus. McAfee gives us real-time resolution instead of a day after the fact.”

McAfee Host Data Loss Prevention keeps confidential data confidential
Like all banks, Gateway is trusted by its customers to keep sensitive personal data within its walls. Identity theft is a constant concern for the bank, and so is compliance. In McAfee Host Data Loss Prevention, Gateway found it has all the tools necessary to protect confidential data and satisfy the applicable government and industry regulatory requirements. The software prevents unauthorized use of secure devices, stores data transfer evidence, and blocks attempts to write data to removable devices. “We have found Host DLP flexible and easy to use,” says Umphlett. “It is also easy to administer because like every application in our McAfee suite it is controlled by ePO, which has proven to be simply gigantic as a time saver.”

Umphlett illustrated some of the ways McAfee ePO software is saving time. “The dashboard is our best ally, providing a complete overview of our status at login,” he states. “Using customizations of standard ePO reports, we can instantly see and evaluate any malware, breakouts, and compliance threats in one spot. It is our single point of entry for management and change. We have everything so automated in ePO that unless something unusual is happening, administration takes just ten minutes a week. And when we do need to alter anything, ePO provides the power to do it in a very granular way so that we make the needed change in seconds without disturbing anything else.”

McAfee ePO software is also the bank’s single point of technical support, letting any administrator see every support case with description and resolution from one place no matter who opened the support request. “The best thing is that our network administrators can manage our entire security arsenal without having to leave their desks,” Umphlett comments.

Free McAfee Security Quickstart HealthCheck eases compliance
McAfee matches the quality of its products with that of its support, as Gateway has found. Besides providing as-needed technical support, McAfee volunteered to conduct a McAfee Security Quickstart HealthCheck service. “McAfee evaluated our ePO setup and VirusScan Enterprise policies and made some recommendations to make us more PCI DSS and SOX compliant,” says Umphlett. “It was a great service.”

All-McAfee solution saves costs in many ways
Gateway’s McAfee deployments have been so successful that the bank has several other McAfee solutions in the plan and under consideration. Next up is McAfee Endpoint Encryption, followed quite likely by McAfee Network Access Control and McAfee Global Threat Intelligence™ file reputation technology.

Another solution that Gateway might well add to its armaments is McAfee Email Gateway for assuring the security of outgoing emails. “I am very impressed by what I’ve seen of it,” says Umphlett. “I can see it replacing four devices and saving us $30,000 a year while removing end users’ burden of having to remember to encrypt their emails.”

Besides these endpoint and email protections, Gateway has begun exploring McAfee network fortifications as well. “It just makes sense to continue on with McAfee for all our security needs,” concludes Umphlett. “Most importantly I don’t need four to six different administrators just because I am addressing four to six different kinds of threat vectors. That is the difference a single console makes. Our administrators handle it all and do a great job of it, leaving time for the rest of our IT staff to fulfill the extremely valuable role of helping the rest of the company optimize our business processes.”

Gateway Bank

Customer profile

Full service bank

Industry

Financial services

IT environment

The bank has 114 servers running Windows 2003 and 2008 that are networked with more than 900 clients, including nearly 100 laptops

Challenges

Gateway needed to reduce the security administration burden while simplifying compliance and improving security for its client machines and email

McAfee solution

  • McAfee® Endpoint Protection— Advanced suite provides: protection from viruses via McAfee VirusScan® Enterprise; centralized administration via McAfee ePolicy Orchestrator® (McAfee ePO™ software); email-borne threat protection via McAfee Security for Email Servers
  • McAfee Host Data Loss Prevention protects sensitive customer information

Results

  • Allows two administrators to do the work of four to six
  • Cuts malware attacks to zero
  • Totally automates security tasks except when something goes wrong
  • Protects personal data against theft or loss
  • Eases compliance
  • Provides online human behavior visibility