Internet Security and Threat Mitigation at a Food Industry
A commercial food processing company in Canada with various ware houses is in the business of frozen food storage and delivery. The company has been in operation for 30 years. Quality of service and reliability to incoming and outgoing customers are of paramount importance. The company had built the business on quality of service and reliability. The very existence of the company was at stake at one day.
Some hackers had penetrated the office computers of the company and was copying the sensitive information to a remote site in China . This has been going on for some time. No one noticed this for a month. A rash of spam emails resulted, which was filtered by Email spam filter
The user had no idea that their security has been compromised. This changed when one customer received a strange phone call and asking them to switch food storage facility due to Canadian Food Inspection Safety Failure.
The angry customers wanted to know if the certification failure is true- which of course was not. At this point, We were called in to check the security of the company network and it was found that indeed it was breached. One temporary employee was secretly downloading cracked movies on the phone using the Wi-Fi of the company. Some one had shared the Wi-fi password. The company had no content filtering facility. The movie was being downloaded from Russian-Ukrainian torrent sites.
The offending employee was a temporary worker hired from a staffing agency. He is long gone from assignment- but the problem persists. Detection of the Problem and Technical Approach
The breach and problem was detected using Intrusion Detection system called Snort and Wireshark packet filter. Other tools were used to check Stealth mode VPN tunnels . All these are standard practice for Intrusion detection procedure for Network Breach. The intrusion detection was logged for 7 days to get a detailed report of the security problem. The log of the intrusion detection was detailed and accurate.
Gate protect Threat management solutions
What are the features that became effective in stopping the intrusion
Explain the IP tables rules
Customer Value Creation
Value proposition Fit
The solution was cost effective and proved enormous value to the operation of the cold storage facility. The Use of Centralized Intrusion detection system means that any future security breach can be detected early. We have favored using Gate protect for economic and commercial reasons. Creating a Linux based snort and intrusion detection was possible but may have been less effective in terms of quality and values.
The gate protect UTM requires yearly subscription for antivirus and periodic renewal. Such costs are very nominal for the customer.
The solution was robust- cost effective and scalable. We have chosen Gate protect UTM with 4 Sablan for the solutions. Which was considered to be effective.
Please contact if you have security concerns for your network. One of our engineers will be happy to discuss your requirement.
1.0 Practical Packet Analysis- 2nd Edition-Wireshark- ISBN 978-1593272661
2.0 The Practice of Network Security Monitoring- ISBN 978-1593275099
3.0 Snort - IDS- https://www.snort.org/
4.0 Applied Network Security Monitoring- ISBN-13: 978-0124172081