For any business, network security threats can have dire consequences. But for the high-stakes hospitality and casino industry, a single breach can result in millions of dollars in fines and the loss of loyal customers who expect the utmost in privacy and discretion. So gambling with securing their customers’ personal information—information that casino operators have spent so much to acquire—is a huge risk that can quickly bankrupt their reputations.
That’s exactly what happened when a pair of unauthorized intrusions into the payment card processing system of a Las Vegas-based casino and casino resort operator compromised the card information for an estimated 300,000 customers. While neither breach—a malware infection initially, and then an attack by hackers—directly impacted casino operations, the operator immediately contacted the authorities and their customers.
And then they called MicroAge’s James Yiatras to begin aggressively reinforcing network security and restoring their valued customers’ trust in their business.
Searching for the right solution
Yiatras immediately responded, and worked tirelessly to put together a solution that would help this company detect and prevent network security threats, repair their reputation, and restore their customers’ confidence.
With over 1,500 users, the casino company’s system currently runs Cisco on the front end, and previously ran multiple security products on the back end—the result of years of fast growth and resource shortages. This costly and unnecessary complexity not only made it difficult to manage network security threats holistically, it was difficult to effectively plug all of the security gaps.
To make matters worse, one of the existing products had been sunsetted. With a soon-to-be obsolete product and multiple security breaches, the company needed to re-think their entire security posture.
Initially, they considered doubling up on their firewalls, but this approach was quickly scrapped due to its high cost.
Yiatras then sought a unified solution that would seamlessly integrate with their Cisco network, provide easy manageability, and prevent unauthorized intrusions. He identified several vendors that could help, including Fortinet. With ample research behind him, Yiatras met several times with company officials to whiteboard all of the solutions, showing them the benefits of consolidation.
While one supplier offered a solid product, it did not have the comprehensive functionality that the casino operator needed. Another provided the required functionality, but it also included a wealth of extravagances and a price to match—about 2.5 times higher than the unified, “just right” Fortinet solution the operator finally chose. Fortinet offered the right balance of functionality and price in a precise and smooth-running solution.
Choosing an all-in-one security winner
Fortinet combines core security technologies—such as firewall, VPN, intrusion prevention, and application control—into a single platform for an efficient, cost-effective all-in-one solution.
“Fortinet’s designed to do exactly what it’s supposed to do: security,” Yiatras says.
Adds Fortinet Territory Account Manager Mike Wysocki: “When it comes to feeds and speeds, we blow them out of the water. They’re more into marketing, we’re more into engineering.”
Deploying fast for immediate protection
Deploying the Fortinet solution was fast and easy. Setting up the environment, integrating it with the Cisco network, and establishing and applying rules took just a couple of days.
The end-to-end solution includes the NSS Labs-recommended FortiGate 1000C next-generation firewall platform with cloud-based sandboxing based on the FortiSandbox technologies that earned NSS Labs-recommended status for Breach Detection, on top of their Cisco network in the main data center. Each casino/casino resort property also has a FortiGate 100D security appliance. With scalable FortiManager, the company can provision and centrally manage any number of Fortinet devices, including applying patches and updates and rolling out security policies.
They also added FortiAnalyzer so that they could roll up log data from all Fortinet and other syslog-compatible devices, and then mine that data to ensure their security stance and assure compliance with federal and state gaming laws.
Hitting the security jackpot
With Fortinet, the casino operator can easily identify and remove network security threats hidden within legitimate application traffic. Plus, it delivers the performance they need to control their applications, data, and users—without becoming a network bottleneck.
“With their new Fortinet solution, the casino operator can identify and remediate breaches before they occur,” says Yiatras. “Their customers can now trust that they can use their cards with confidence.”
With their new all-in-one Fortinet solution and a single vendor contract, the casino operator was able to lower costs and reduce risk by centrally managing security operations—and removing stress for their IT team.
“What the casino operator liked about our solution,” explains Wysocki, “is that it replaced several other solutions and vendors, making it much easier for them to manage. ”
MicroAge + Fortinet: Winning
At the end of the day, rolling the dice with MicroAge was a winning strategy for the casino and casino resort company. Yiatras took the time to thoroughly understand the company’s needs and environment, researched possible solutions, and found the right solution provider in Fortinet. “Working with Fortinet to resolve the casino operator’s security issues was easy,” says Yiatras. “They told me that ‘Fortinet just gets us’.”
Yiatras believes that the casino and casino resort company made a wise investment in its company—an investment that can pay off in multiple ways. “When you buy the right stuff, you can forego annual upgrades and literally bank on your investment. But it’s also a smart investment in your company’s brand and reputation.”
Can your company say with absolute confidence that your customers’ personal data is secure? Consult James Yiatras today at firstname.lastname@example.org or 480.366.2152.