Many organizations want open solutions that are also secure and do not impact user experience.
Psagot sought to do this using a solution based on the CITRIX technology
When talking about information security systems, the user experience of the organization’s employees is considered one of the most important aspects. An employee who encounters cumbersome systems that make his daily work difficult, and has problems browsing, which he needs for his work, and, admittedly (who doesn’t…), browsing from time to time to external sites, is a less satisfied employee. An employee who takes a relatively long time to connect to the systems and move from site to site, partly because of security, will invest less in the work, whether consciously or not. And this costs the organizations a lot of money.
Quite a few companies try to offer solutions to the secure browsing problem for even more organizations seeking them, from small businesses to medium and large organizations. Among the organizations that have the need for such systems is the large investment house Psagot, which says it is the leader in Israel. The well-established company (its first incarnation was founded in 1963) deals with one of the most sensitive issues – money. It offers various investment channels and pension savings, as well as insurance. Therefore, on the one hand, it needs a strong and reliable security system that will preserve the information and money of thousands of customers, and on the other hand will provide employees with a convenient user experience so that they can better serve the customers. In addition to all of these are the regulatory requirements that Psagot must meet.
“A customer who entrusts us with his money wants to know that he is managed by a company that maintains information confidentiality and invests resources to that end, so that his personal information is not accessible to anyone from outside. Customers hear about the many threats of cyberspace systems these days and want to be safe,” says Ofer Kritchman, Psagot’s VP of Information Systems. “Of course, this is also important for our brand. The Psagot brand must be associated with the credibility that will make the potential customer say, ‘I’m willing to put my pension there.’”
In his words, “There is a certain conflict here, because alongside the requirement that the information be secure, we need to work with the open world. Consumers of our services want the Internet to be one of the main tools for working with us.”
“This is where secure browsing comes in,” he notes. “There are many solutions in the field, but Crusoe Security’s solution has added value, because it is a solution that is both secure and user-friendly for the organization’s employees, unlike other solutions that perform only one of these functions.”
So how can an organization become open without creating a security problem?
Psagot approached Integrity, a company that deals with the virtualization of end stations and information security, and distributes the Crusoe solution. According to its founder and CEO, Erez Goldstein, “Since 2000, financial organizations have been dealing with the question of how an employee within an organization can access the Internet from his desktop without creating an information security problem. That is the main question. The internal network browser, any type of browser, is an enormous pitfall, and this is what Crusoe deals with. This is the information security gap that needs to be bridged.”
In his words, “The solution, called Crusoe Security, enables the isolation of the browsing environment so that it runs through a terminal server, external to the organizational network. Separation of the internal network from the risk of browsing exponentially increases the security of information in the organization, while Crusoe Security deals with the user experience, including automatic redirection of external links, management of file downloading and uploading, SSO identification, flash handling, and more. One of the most prominent elements in the company’s system is that there is no need for the installation of any update on any computer. The architecture is completely agentless. Instead of distributing a new version in the organization, the existing software can be altered.”
Integrity set up the solution for Psagot in a short period of time. Goldstein notes that the system is based on the infrastructure of Citrix and integrates with Websense, but also mentions the ability to work with VMware, Microsoft RDS and Linux protocols, and can interface with any filtering or bleaching system.
To summarize, Kritchman and Goldstein note that Gartner has named Isolation solutions, like that of Crusoe Security, as one of the ten most relevant information security solutions for the next 10 years, including management of the brand with employees and users internally and externally. According to Goldstein, “Organizations are becoming more and more threatened and the Internet is one of the biggest threats. One of the main ones is an internal threat, from an employee of the organization, who accidentally inserts a flash drive infected with malware, for example. As a result, organizations increasingly tend towards security solutions in the field, even if it is not required by regulation. They do it because they know that such solutions are more secure. Organizations understand that securing each and every station is not a solution, and they are choosing isolation solutions without compromising the user experience.”