Building a Unified Network with a Distributed Office
Building a Unified Network with a Distributed Office
When First Brokers Securities began looking at consolidating its business operations in a single location in Jersey City, it was presented with a number of new compliance and security challenges. As a FINRA-regulated organization, First Brokers had to make sure that its new facility, systems, and processes met or exceeded all requirements. It also needed to make sure that the team understood how protocols and procedures would be changing to make sure that the company stayed in compliance with the new location. That is no simple task.
New facilities create many opportunities to solve security vulnerabilities that were difficult to solve before, however, without the proper experience and oversight they also often present opportunities for new vulnerabilities. First Brokers wanted to be mindful of its business goals and avoid the pitfalls that exist in introducing new processes and facilities. Along with ensuring compliance, they wanted to ensure a secure environment, so their employees and clients could feel comfortable focusing on their shared goals.
First Brokers looked to Pro4ia to provide guidance on a security configuration that met all their needs while they also pushed their practice to be ahead of current industry standards. One of the particular challenges Pro4ia was faced with was how to provide a secure environment while also permitting users to bring their own devices. Many studies (most recently the UK’s Information Commissioner’s Office) have found that the most common source of a security breach is human error. In introducing new devices to the network that have been configured and managed by the users, there is a tremendous risk of exposure, without the right infrastructure, process, and tools. All of this needed to be managed within a framework that addressed other major compliance considerations. So, the team got to work.
Protect the Principal
Pro4ia’s approach followed a common investment practice of aiming to protect and preserve the principal. This began with a robust business continuity plan. Pro4ia used Hyper-V for server virtualization and Azure Site Recovery to build a Disaster Recovery and backup framework that would speed up First Brokers’ recovery from any possible disruption.
“Your very first concerns are always for the environment and the data. If the environment can’t be saved or recovered, the data may be useless, and if the data can’t be saved or recovered, what are we protecting?”
– Yianni Mavrogiannis, Senior Manager – Client Services and Cybersecurity, Pro4ia
Pro4ia uses several Disaster Recovery frameworks, but always sticks to the same best practices:
- A framework that provides protection and recovery from both physical and virtual disaster (data in 3 places; 1 in production, 1 in a production-ready environment, and 1 completely outside of production)
- Training your team in business continuity and disaster recovery protocols
- Regular testing to ensure data and process integrity
In refining the solution for First Brokers, Pro4ia’s use of virtualization addressed two key challenges. First, once configured appropriately, it presented a compliant solution. Second, it gave the best option in a distributed network to minimize potential downtime and recovery from an incident.
Secure the Perimeter
Pro4ia’s next main objective was to limit the universe of potential threats, beginning with preventative measures for users and extending to defensive mechanisms. Even before getting to the network layer, there is a suite of cloud services that have blurred the lines of the traditional network perimeter. Services like Microsoft Office 365 provide for access to documents, email, and other data via user devices both within and outside of the network. As a result, Pro4ia chose to use a customized Office 365 configuration to limit how users could accidentally expose the network. Microsoft’s baseline security protocols provide a number of options, but in customizing it further, Pro4ia was able to further minimize the risk of human error.
“If we protected against every possibility, users wouldn’t be able to access the internet. It’s our job to create smart protocols that address the most dangerous threats in a layered fashion, while providing process and tools for clamping down on anything that tries to sneak through each layer.”
– Yianni Mavrogiannis, Senior Manager – Client Services and Cybersecurity, Pro4ia
The next layer was a defensive mechanism, a Cisco firewall with Firepower. Firepower allows for managing threats at several levels, from application control, intrusion prevention, URL filtering, and advanced malware protection, to investigating and remediating malware outbreaks. While no solution is completely bulletproof, Firepower blends security automation and intelligence processing with tools for visibility and threat management. This allows First Brokers to have access to all the latest data and information on the threats that are out there, while providing the tools to combat them in real-time.
The final layer that Pro4ia introduced was a mobile app management solution to govern access for devices brought in through First Brokers’ Bring Your Own Device (“BYOD”) program. In addressing the needs of its highly-mobile team, First Brokers’ management decided to give employees a BYOD option. While this used to be a tremendous security concern, applications that limit access and permissions make these highly manageable today. Pro4ia implemented such a solution to allow the company to hold true to this new approach without sacrificing the integrity of its network.
Build In-House Capacity
While tools and frameworks are critical, they are not the only part of operating an IT environment successfully. Pro4ia worked with the First Brokers team to make sure that they had the capacity to manage and collaborate with Pro4ia on maintaining these systems on an ongoing basis. Through a series of trainings and introductions to the new systems, Pro4ia’s team of certified experts shared important principles and knowledge with the team at First Brokers. While First Brokers continues to collaborate with Pro4ia for particular expertise and ongoing support, there is also internal capacity on the First Brokers IT team for all major parts of the new network.
“We’re proud of the work we did with First Brokers. They have an outstanding team and their concern for their clients’ data and cybersecurity meant this project was destined to be a success.”
– Yianni Mavrogiannis, Senior Manager – Client Services and Cybersecurity, Pro4ia
As with every client they partner with, Pro4ia used its 3+1 approach. This means each of its three core practice areas of Technology Relocation Services, Technical Services, and Infrastructure Services were built from a “Project Management First” foundation. Consequently, the project followed the sequence of project management best practices: Initiation, Discovery, Planning, Execution, and Close-Out. This consistent approach to technology projects was combined with the deployment and application of PMI-certified Project Management Professionals (PMPs) and led to a timely and appropriately budgeted project.
Thanks to the careful planning around the project, First Brokers was able to transition smoothly to their new home in Jersey City. The project ran seamlessly thanks to the strong emphasis on project management and strategy-oriented planning. By using this transition to build solid cybersecurity infrastructure, First Brokers realized its goal of a secure but flexible environment for its team.
Pro4ia integrates project management best practices into every project, for enterprise and mid-sized companies alike. If your organization is looking to relocate or find out how technology can support your business objectives, speak to one our IT experts today, or visit www.pro4ia.com for more information.
