"More than Just a Vendor, “全面合作伙伴”:Junior Achievement和Rapid7是一个无与伦比的组合
Industries
Company Size
Customer Website
About Junior Achievement USA
Tom Landsness has been Vice-President of Infrastructure, 服务管理和网络安全在Junior Achievement USA工作了11年. 美国青年成就组织是一个非营利组织,通过帮助年轻人将他们在学校学到的东西与课堂外的生活联系起来,激励并帮助他们成功. Founded in 1919, Junior Achievement’s proven lessons in financial literacy, work and career readiness, 企业家精神对年轻人的生活产生了积极的影响. 这些课程符合国家和州的教育标准,并在我们的教育合作伙伴和当地社区志愿者的帮助下,向全国数百万学生提供.
Challenge
Two years ago, 向数字化教育的转变导致青少年成就课程的工作量增加. While they had up to this point kept their data on-premise, 不断增长的容量复杂性导致了对基于云的存在的需求. During the data center-to-cloud migration, Junior Achievement发现,他们还需要一个网络解决方案来更好地监控他们的数据和基础设施. 即使是在没有网络解决方案的情况下收集事件日志,也会消耗掉他们一天中的几个小时. Landsness realized that they needed a proven, trusted platform to be more effective, make their jobs easier and their work more efficient.
A Smooth Transition
“We compared Rapid7 to several vendors. I feel like we had a pretty rigorous process,” revealed Landsness. “Rapid7在功能、易用性和成本方面都表现得很好. 由于我们是一个追求影响力/非营利组织,价格一直是我们最关心的问题. 我们的联系人非常擅长向我们展示这个平台的发展方向, explaining what the implementation process would be, and what we would need to do on our end.”
Landsness在Junior Achievement与InsightAppSec签约后分享了这一点, InsightVM, Managed Detection & 响应和使用Rapid7渗透测试服务,事情变得更容易,而不是具有挑战性.
“Installing a single agent on our endpoints, desktops, and servers, 然后在我们的数据中心创建一个日志服务器非常容易. 我们对入职体验非常满意,并享受在多个平台上使用一个代理的效率,” he recalled. “快进到今天,我们认为他们不仅仅是一个供应商——他们是一个全面的合作伙伴.”
Everyone Loves a Single Pane of Glass
Like many security professionals, Landsness appreciates simplicity. 因此,当被问及他最喜欢的Rapid7产品特性时,这一点也不奇怪, he gave a familiar refrain. “For us, it’s the single pane of glass,” he asserted. “We’re a small team. I have three sys-admin-type folks that report to me. Everything’s in one console and it’s so simple.”
Of course, it’s not just about ease of use for Landsness. 他也很欣赏Rapid7的覆盖范围和对细节的关注,这是他使用Rapid7的经历的特点. “Not only does Rapid7 have a dedicated team for us, there’s an AI component that looks through all of our logs,” he explained. “它不断地摄取我们的数据,由于我们的规模,我们无法手动完成.”
Junior Achievement and MDR: “No One’s Breaking In”
Junior Achievement使用Rapid7的管理检测和响应(MDR)服务, InsightVM, and InsightAppSec – all of which are integral to their operations. However, Landsness很快指出MDR是他们的“面包和黄油”,因为它有巨大的好处-常规, speedy notifications of anomalies, according to Landsness, is invaluable. Rapid7 SOC分析师提供的全天候监控是Landsness和他的团队所依赖的——更重要的是, they have confidence in Rapid7’s ability to deliver.
“我们可能每周会收到一到两次与正常情况不一致的行为警告. 所以,他们会拿出一张票,我们会去看一看。. “我们最近收到了防火墙漏洞的警报,需要尽快修补, 在我的其他线人知道之前我们就能解决这个问题了.”
在公司内部进行24/7 SOC监控既不切实际又昂贵. 但这是Junior Achievement的网络安全保险提供商提出的要求. 根据Landness的估计,Rapid7在这方面的价值不能被低估, 聘请内部人员来做Rapid7所做的事情,成本很容易是Rapid7溢价的两倍.
Compliance and Alignment
Furthermore, 遵守COPPA(保护儿童教育信息的法规遵从)也是他们工作的重要组成部分. Landsness has been pleased with Rapid7’s ability to fulfill both goals, 他还分享了有效的24/7监控完全符合他们的青年成就的使命和价值观.
“我们希望为学生和他们的家人提供一个安全的地方,”他暗示道. “Nobody wants bad things to happen with student data or even materials. We’re glad we can keep it safe. 总有人想黑进什么东西,但有了Rapid7,就没人能闯进去了.”
InsightVM: An Invaluable Tool
MDR可能是Junior Achievement的“面包和黄油”,但Landness说他最喜欢的功能实际上是另一个平台——InsightVM.
“我有一个仪表盘,上面有我想要的一切,我需要去的任何地方. In that dashboard, 有一个面板,你可以根据安全补丁的更新程度对所有设备进行排序. So we can see if anything’s been missed. Or if a job stops updating a server. Or if a user has kept putting off patches”
This knowledge saves Landness time and hand-wringing. “It’s just invaluable having that straightforward knowledge. 在没有工具的情况下,它比正常情况下发生的要早得多,” he shared. “It’s been a big help.”
Junior Achievement’s Next Chapter
Junior Achievement安全旅程的下一章是渗透测试. 虽然他们以前每隔一年进行一次这样的测试,但他们现在计划提高他们的游戏. Yearly pen-tests are the plan. “与Rapid7在这方面的合作,以及我们对结果的处理,对我们来说意义重大. 我们只会继续努力在现在这个极度不安全的世界里变得更加安全.”
Gain a complete, end-to-end SOC without the overhead
