Case Studies
Ransomware Attack Prompts City Schools to Turn to ePlus for Security
Aug 16, 2019, 09:33 AM
Quote author :
Card Button Text :
City overcomes attack and adds tools to mitigate future breaches
City overcomes attack and adds tools to mitigate future breaches
Business Challenges
- The City, which historically had trusted a small IT networking company to maintain their security posture, was dealing with an active ransomware attack after a SQL Server containing Student Personally Identifiable Information (PII) had been compromised.
- With no security controls in place, including anti-malware, the City’s schools were hit with ransomware and immediately taken offline.
- In addition to legal trouble, the attack could have led to the leak of personal information of thousands of students.
Why ePlus?
- The City needed a partner who could immediately help them first overcome and then recover from the attack, as well as build a strong security program, pervasive across its network.
- The City was an existing long-term customer who worked with ePlus on network, wireless, phone and other technologies for their schools, but not yet for security.
- In their moment of vulnerability, they wanted to turn to a partner they trusted, who was also familiar with the inner workings of their organization.
Solution
- Using a combination of technologies to address different issues from system recovery to protection from future attacks, a comprehensive solution was implemented that secured their network at multiple facets.
- Initial triage detected the ransomware behavior using Cisco AMP and discovered that a server containing student information was the one that had been compromised.
- Further delivery of the ransomware was prevented by deploying Cisco Umbrella, a cloud security platform that provides the first line of defense against threats on the internet.
Business Outcomes
- The compromised systems were fully recovered and the ransomware infection was eradicated.
- The custom-designed security solution entailed technology to both block threats before they reached the network, and to enable detection of malware behavior.
- Incident response capability and recovery was enabled.
- ePlus is providing ongoing CISO Advisory Services and is also providing Managed Security Services for Firewalls, Switches and more.
Categories :
- Security
Tags :
Want to Learn More?
We have proven success engineering and deploying solutions that enable our customers to thrive in today's constantly changing, complex technology landscape.