Like many financial institutions, Royal London had been facing network access control challenges. Automated device authentication, compliance checks and visibility were particularly difficult to achieve within a large and geo-distributed organization. Having examined the different NAC solutions in the market, Royal London chose Portnox CORE.
The decision was primarily driven by CORE’s ability to adapt to Royal London’s security requirements, as well as the solution’s ease of deployment, which required minimal manpower and low TCO (Total Cost to Ownership).
Other criteria that played a crucial role in the decision-making process included having an agentless, vendor agnostic, software-based, centralized and simple-to-maintain technology. Today, the company has full and continuous visibility into every component on the network, along with an upgraded level of information security thanks to implementing CORE.
A Renewed Look at Network Access Control
Royal London is the largest mutual insurer in the United Kingdom, providing around nine million policies with group funds under management of £100 billion. The group employs over 3,500 people, and has offices in London, Wilmslow, Edinburgh, Bath, Glasgow and Dublin.
Ross Cargill, Cyber Engineer at Royal London, and his team performed security analysis and concluded that they required visibility of devices and network components connected to user access. Additionally Cargill and his team needed the ability to control which devices could gain access to the network in accordance with company policies, security regulations and best practices. The company turned to Portnox CORE to successfully secure their networks and automate security processes.
The Challenges Faced by Royal London
Royal London was faced with a similar challenge encountered by many large financial institutions: having limited network and device visibility, leading to a variety of security and compliance issues.
“We couldn’t control the devices that were connected to our user access network, or be sure that the devices that were connected were compliant with company policies before they were permitted access to key resources,” said Cargill. “We have large sites across the UK with lots of visitors, and we needed the ability to secure access to the user switch ports,” Cargill continued.
Unfortunately, financial institutions have the constant challenge of being prime targets for cyber offenders. This requires that their security requirements and risk control mechanisms be optimized. To achieve this, these organizations need a solution that is not only simple to implement, operate and manage, but also highly secure. At the end of the day, such a solution must ensure that confidential client information must remain protected and private, security regulations are adhered to, and the network itself is readily available for onboarding by employees and contractors alike.
Why Portnox CORE for Network Access Control?
The security team at Royal London was looking for a solution that would be simple to deploy and operate, while providing full visibility and enforcement capabilities. After testing several network access control solutions publicly-traded companies, the group decided to implement Portnox CORE. “We decided to go with CORE because it was easy to deploy, agentless, offered a simple licensing model and had a low requirement for new infrastructure,” said Cargill.
There were a variety of important business considerations driving Royal London’s decision-making process:
- Implementing a Vendor Agnostic Solution – This allows financial institutions to keep their pre-existing and multi-vendor infrastructure, while receiving all the security benefits without having to invest in new network equipment or to deal with complicated configurations.
- An Automated, Centralized Solution – Instead of having to deploy appliances in every single location, Royal London now has a system setup that is centrally controlled and performs network monitoring and enforcement across all locations. This has directly lowered security costs in the short-term (and will continue to do so over time), and has significantly reduced TCO.
- An Agentless Solution – As with all financial institutions, Royal London must never place data and assets at risk while it constantly adds new types of endpoints and services to its networks. Being agentless, CORE allows the financial organization to maintain a strong security posture while avoiding the impediment of business operations caused by having to load and maintain agents on endpoints. In addition to a much faster deployment, non-managed endpoints – such as IoT devices that can not have an agent deployed on them – are also supported.
- Adherence to Security Compliance Regulations – Connecting and already connected endpoints need to meet basic compliance requirements. This is made possible thanks to CORE’s ability to prevent non-compliant devices from accessing the network. This also allows for the preservation of customer trust by protecting data privacy.
The Impact of Portnox CORE
CORE rapidly provided a complete view of the user access network and every device that was connected or trying to connect to it in real-time. This included identifying and categorizing all devices, such as company-issued computers, IP phones and other miscellaneous devices. This was achieved without having to install agents or appliances. As access is based on device and user identities, company devices and contractors were quickly accounted for, taking into consideration their location and which part of the network they were on. In-depth insights became available, such as user currently logged on, types of endpoint, operating systems, AV versions and more.
Endpoints that did not have the most up-to-date AV signatures were automatically updated using Portnox actions to remain compliant with company policies.
“We are now reassured in the knowledge that rogue devices cannot connect to our network. Our IT support has improved because it’s so easy for our support technicians to find users and their devices via the NAS view,” Cargill added.
Now that the solution has been fully implemented, Royal London’s security team has successfully handled all challenges associated with visibility, control and compliance enforcement. This includes the ability to see all endpoints on the network, and ensure that they are properly secured according to company policies, privacy standards and regulatory compliance.
As risk-monitoring and enforcement actions are automated, Royal London’s IT team can devote their time to more important tasks that would otherwise have to be done manually, thereby increasing efficiency and productivity.
Try Portnox CLEAR for Free Today
Gain access to all of Portnox CLEAR’s powerful NAC capabilities for 30 days!