Architecture, Application Security, Strategy, Vulnerability management, Policy, Compliance

Ski patrol: Boyne Resorts and Kaspersky Lab

April 7, 2008

Boyne Resorts needed an easier way to protect its network and retail points-of-sale. It found a solution, reports Greg Masters.

A trip to the ski slopes or a golfing getaway should not come with a penalty. One amenity vacationers don't need is to find out that their personal data has been lifted from the database of their favorite resort.

With 5,000 users and hundreds of retail points-of-sale, Boyne Resorts needed to ensure the safety of its internal network and the customer data stored on it.

The Boyne Falls, Mich.-based resort chain owns or manages 12 golf and ski resorts spread from Washington State to Maine. Its properties comprise North America's largest collection of privately held ski and golf resorts, along with four- and five-star restaurants.

Keeping the fairways and ski slopes immaculate is one thing, keeping the links of the company's network open  — from check-in to the ticket window on the slopes — and free from outside interference is another matter.

That task falls to Chris Downing, Boyne Resorts' vice president of systems and technology. He had grown dissatisfied with the company's anti-virus and firewall implementation. The heavy architecture was a burden on system resources and worse, the company network was often left open to attack because response time to virus outbreaks was too slow. Also, management required too much labor, he says. The implementation would quarantine a virus, but not remove it without a lot of steps via the vendor's website.

So when Downing noted that the license on the resort chain's anti-virus and firewall solution was nearing expiration, he went looking for a better solution. He and his 17-member IT staff shopped around and checked out all the major players before choosing a solution from Kaspersky Lab — Kaspersky Anti-Virus for Workstations, File Servers and Mail Servers.

What sold them, he says, was the small resource footprint that the Kaspersky product offered. “What was huge to us was the quick response time for file pattern update,” he says. “We needed to be protected from in-the-wild attacks.”

The implementation across the corporate network went smoothly — deployment took one day per resort. A master copy of the Kaspersky software is installed at each branch. The network administrator approves updates and can then push new versions to branch servers. Updates go out extremely fast across the network, and Downing is pleased that it is no longer necessary to reboot the network or shut down computers with each update.

Downing ‘s team reports that the management and operation is pretty much hands off.  “When we first deployed it, it was finding viruses the previous system had not detected,” he says, adding that updates are checked and everything pretty much takes care of itself. “All is going great.”

The software offers protection for Boyne Resort staff who travel a lot — to the various properties, as well as to trade shows — and who login to the corporate network remotely. With the Kaspersky product in place, Boyne employees can now continually receive anti-malware updates automatically when they are working online, even from outside the company network.

Jeff Aliber, senior director, product marketing, Kaspersky Lab, says that with the implementation of Kaspersky software throughout the Boyne Resorts operation, three main factors were considered.

First was manageability. The installation, he says, makes it easy to manage the software across platforms and throughout the chain's various locations.

Second, Aliber points to the quality of the detection technology, citing Kaspersky Lab's reputation, particularly that of its lab in Moscow. He says the work Kaspersky does in identifying malicious software is unparalleled.

And third, he points to balance. Kaspersky optimizes technology to create a balance between the resources needed to protect the enterprise — the complexity of the software — and the user's system requirements — notably freeing up space on the CPU so that applications are not slowed down.

The Kaspersky Lab solution does not come cheap, however. It is, in fact, considered a premium play within the industry. When asked whether implementation of this solution costs less, Aliber responds without hesitation that it is typically a more expensive solution. But, he adds, this speaks to both the quality of the product and the richness of its capabilities.

A dramatic reduction in calls to the IT help desk and operational efficiencies translates to a good deal of savings in cost and in time, adds Downing. 


[sidebar]

Tech & compliance:Assistance is here

The Kaspersky solution provides an added benefit to Boyne Resorts. It helps the resort chain in its compliance requirements.

Jeff Aliber, senior director, product marketing, Kaspersky Lab, points out that compliance, such as that required for PCI, requires companies use anti-malware technology.

But, he is quick to add, technology can only go so far in meeting compliance mandates. “Security is 80 percent process and procedure,” he says. “We supply the technology in support of compliance requirements. Vendors can only provide technology to assist in compliance, not do compliance.” –  Greg Masters



prestitial ad