Building on a Secure Foundation with McAfee Solutions

Based in Iowa City, Iowa, MidWestOne Financial Group is the fifth largest bank holding company in the state of Iowa and operates 25 community banking locations in 19 Eastern Iowa cities. With more than 400 employees, MidWestOne has standardized on McAfee® security solutions to protect its customers’ and employees’ data and applications.

Securing the Firewall
The seeds for MidWestOne’s partnership with McAfee were planted almost a decade ago, when the bank adopted Secure Computing’s Sidewinder Firewall—now known as McAfee Firewall Enterprise. Soon after, MidWestOne began using Secure Computing’s Webwasher solution, now McAfee Web Gateway. Today, McAfee Firewall Enterprise 8.1.2 and McAfee Web Gateway Version 7 provide the foundation for MidWestOne’s Internet security strategy. “Being a financial services company, the security of our customer information is extremely important to us,” explains Allen Schneider, IT managing officer for MidWestOne Financial Group. “Secure Computing’s products had an excellent reputation in the banking industry even before they were acquired by McAfee, and they fit our requirement for solutions that offer best-of-breed security and can be easily managed with a small IT staff.”

Comprehensive Threat Protection
In the meantime, MidWestOne has further strengthened its Internet security posture by adopting McAfee Email Gateway and McAfee Email Gateway Encryption. Together, the two solutions provide inbound threat protection and outbound data loss prevention for more than 250 of the bank’s email users. McAfee Email Gateway Encryption ensures that even recipients without encryption capabilities are able to receive and reply to secure email from MidWestOne customers and vendors. “Since we’re able to apply encryption at the gateway instead of at the desktop, [McAfee] Email Gateway Encryption keeps our users from having to determine encryption requirements—and we’re able to avoid the problem of users forgetting to encrypt sensitive data,” comments Schneider.

Another important component of MidWestOne’s Internet security strategy is McAfee Global Threat Intelligence™ (McAfee GTI™), a comprehensive cloud-based service that works in real time, 24 hours a day, to protect the bank’s users against all file, web, email, and network vectors. “With previous solutions, we had to devote considerable time to blacklisting traffic that was possibly malicious. [McAfee] GTI makes this a much more manageable process for us,” states Schneider.

The newest addition to the bank’s security arsenal is McAfee VirusScan® Enterprise, which has been deployed to 550 desktops and laptops throughout the MidWestOne organization. McAfee® ePolicy Orchestrator® (McAfee ePO™) software gives the MidWestOne IT team centralized visibility into all antivirus activity throughout the enterprise and the ability to manage all virus scans from a single, unified dashboard. “The integration with [McAfee] ePO and the ease of management it provides was a large reason for us to migrate from our previous antivirus solutions. Plus, McAfee VirusScan Enterprise does a much more comprehensive job of catching and corralling threats—especially new and emerging ones,” says Schneider.

Multiple Lines of Defense
With the McAfee solutions in place, MidWestOne has seen a significant decrease in malware infections that were once getting through to users’ desktops. Whereas previously the bank could count on a few malware infections each month, with McAfee VirusScan Enterprise, they have seen these calls more than cut in half. “With this combination of McAfee solutions, we feel we have an ideal mix of Internet security safeguards to protect our users and data from every attack vector. We have much better control of activity both for outbound and inbound email, and the reductions in spyware and spam speak to how effective the systems are,” recalls Schneider. “In the rare instance that spyware does get past our network controls, we are confident that [McAfee] VirusScan Enterprise can isolate and neutralize the threat at the desktop.”

"Since we first began working with McAfee, we have seen a steady progression of the products to stay one step ahead of the game and continually address new and emerging threats."

Allen Schneider
IT Managing Officer, MidWestOne Financial Group

Cleaner and More Compliant Audits
Like all financial institutions, MidWestOne is subject to periodic audits to ensure compliance with internal policies, as well as government data security regulations, and that includes annual scans of the network to identify security vulnerabilities. With the McAfee security infrastructure, the scans are much cleaner, and any vulnerabilities that exist are quickly identified and corrected. “We’ve had good feedback from our auditors on the level of protection that our McAfee products provide,” says Schneider. “And with [McAfee] Firewall Enterprise, it’s very easy to reconfigure the system and adjust the settings as audit concerns arise. The result is that we have created an environment that is able to quickly adapt to the constantly changing threat landscape.”

Building for the Future
Working with its McAfee implementation partner, NetDirect Systems, and McAfee Professional Services, MidWestOne will continue to enhance its McAfee environment to meet its ongoing security requirements. The bank will soon expand its installation of McAfee VirusScan Enterprise to employees’ mobile devices. In addition, MidWestOne will extend its McAfee ePO software deployment to integrate McAfee Firewall Enterprise, McAfee Web Gateway, and McAfee Email Gateway for a comprehensive view into the overall security infrastructure. “McAfee Professional Services was very helpful in making recommendations on how we could configure [McAfee] VirusScan Enterprise through [McAfee] ePO, and that front-end assistance made the project go much more smoothly than it might have otherwise,” affirms Schneider.

Another potential project on the horizon is an implementation of McAfee Deep Defender together with McAfee ePO™ Deep Command, powered by McAfee DeepSAFE™ technology. These systems will give MidWestOne an additional layer of protection by providing behavioral monitoring of real-time kernel operations to remove unknown threats and prevent zero-day malware. And, to offer protection for the bank’s increasingly virtualized data center, MidWestOne is also evaluating McAfee Management for Optimized Virtual Environments (MOVE) AntiVirus.

“Since we first began working with McAfee, we have seen a steady progression of the products to stay one step ahead of the game and continually address new and emerging threats. [McAfee] Deep Defender is a great example of that, because it offers hardware-based scanning that takes security beyond the operating system level,” explains Schneider. “It’s why we will continue to look to McAfee first when making key security decisions for our organization.”

MidWestOne Financial Group

Customer profile

Community bank with 19 locations in Eastern Iowa


Financial services

IT environment

More than 400 employees using desktops, laptops, and mobile devices


Continue to evolve security infrastructure to meet new and emerging threats

McAfee solution

  • McAfee Firewall Enterprise
  • McAfee Email Gateway
  • McAfee Email Gateway Encryption
  • McAfee Global Threat Intelligence
  • McAfee VirusScan Enterprise
  • McAfee ePolicy Orchestrator (McAfee ePO) software


  • Comprehensive inbound threat protection and outbound data loss prevention for 250 email users
  • Strong antivirus protection for 550 desktops and laptops
  • Centrally managed security infrastructure through “single pane of glass” with McAfee ePO software
  • Significantly reduces helpdesk calls for spyware infections by half
  • Creates an improved standing with auditors and regulators