From the latches on the toolbox in your garage to componentry in gigantic earth movers, New Standard Corporation provides Original Equipment Manufacturer components, assemblies, and related services for products used in the agriculture, construction, mining, industrial, and power generation industries. As at companies everywhere, New Standard has seen information security move from the back shelf to the boardroom in recent years.
New Standard Network Administrator Chad Johnson has experienced the shift firsthand. “Years ago, I would never hear from the C-suite or a VP about whether we are doing enough to secure our data, prevent loss, and prevent hacking,” attests Johnson, who oversees all facets of networking, infrastructure, and telephony at the company’s three manufacturing facilities in Pennsylvania and North Carolina. “The Equifax breach definitely helped raise awareness.”
New Standard Corporation has built a reputation of trust and reliability with major OEMs across multiple industries, so cybersecurity is crucially important to the company. The company’s approach to collaborative engineering and custom OEM manufacturing enables it to offer industry-leading solutions, while taking every measure to ensure complete confidentiality.
That approach has led the company to invest in security infrastructure. New Standard has relied on McAfee® endpoint protection for more than a decade, and recently migrated to McAfee Endpoint Security. The company also added McAfee Web Gateway appliances and McAfee Threat Intelligence Exchange,. As a result, Johnson’s day-to-day activities and approach to security have evolved significantly. “Prior to implementing McAfee Endpoint Security and McAfee Web Gateway, our security was essentially event-driven and reactive,” explains Johnson. “We just waited to be notified of an infection on an endpoint.”
“With McAfee Web Gateway filtering at the edge for malware, suspicious content, and web reputation, and with McAfee Endpoint Security and McAfee Threat Intelligence Exchange sharing threat information back and forth, we have become much more proactive,” continues Johnson. “We’re now automatically examining file reputation on all endpoints and cross-referencing unknown files with the McAfee GTI cloud. The number of threats that make it to the endpoint has plummeted, as has the amount of time we spend remediating infected systems.”
Managing Security by Exception
“I manage by exception now,” says Johnson, who looks at the McAfee ePolicy Orchestrator® (McAfee ePO™) central console about an hour each day. “I still look at reports daily, and occasionally validate that all the automated responses we’ve put in place with McAfee are working… but incident response has been fantastic. Today most of my time in McAfee ePO is proactive—for instance, looking for file anomalies or potentially suspicious behavior.”
Johnson particularly appreciates the modular architecture of the McAfee Endpoint Security framework introduced last year. “I love the module approach, where you can deploy specific pieces and leverage only what you want,” says Johnson. “Modularity lets us more easily modify our security profile over time. With this platform, we are looking to add a lot of additional functionality and security for our desktop and mobile users.”
With the switch from reactive to more proactive security, New Standard has felt more comfortable embracing bring-your-own-device policies for employees. “We have a lot more peace of mind now regarding users working outside the firewall and on their own devices,” says Johnson.
Looking to the Cloud and Beyond
Looking forward, Johnson is most excited about the company’s upcoming deployment of McAfee Advanced Threat Defense (McAfee ATD) sandboxing appliances and integration with McAfee Threat Intelligence Exchange across all endpoints. “Given what I’ve seen [in our testing] so far, I believe McAfee ATD will dramatically reduce our potential risk for a zero-day outbreak,” says Johnson.
Extending endpoint security to the Cloud and leveraging OpenDXL are also on New Standard’s security roadmap. After attending MPOWER, the McAfee user conference in October in Las Vegas, Johnson left excited about the direction McAfee is taking its endpoint security platform and how it is working with other security vendors to mitigate threats for its customers.
For Johnson, the dynamic nature of his job is one of the reasons he keeps coming back to work each day. “You’re always going to be learning in the technology industry,” he says. “It changes year over year,” he says. So, even when the toolbox latch or manufacturing component looks the same as it did the previous year, the security behind them keeps evolving. So does McAfee.