Customer Story
Boden
Boden, a British clothing company that provides high-quality fashion apparel partnered with BlueFort to gain visibility to unauthorised routers and other rogue devices that connect to the network.
The company launched with just eight menswear styles, and now has a broad presence in the UK, Germany, US and Australia. Boden launched its first physical store in London in 2004. It employs over a thousand people across six global locations.
Key challenges
- Lack of visibility to devices accessing a geographically-dispersed IT network
- No way to monitor the security posture of endpoint devices, and enforce policies that disallow devices with inadequate protection
Overview of the situation
The company has three data centres in the UK, which house all sensitive personal and financial customer data and currently run Boden’s e-commerce sites. In this fast-paced, geographically dispersed environment, a key concern was user behaviour. Lack of visibility to devices accessing the network, which may be vulnerable due to a lack of proper security controls or may be infected with malware, had the potential to put Boden’s entire IT infrastructure at risk.
Gaining visibility to unauthorised routers and other rogue devices that connect to the network was just one of the challenges faced by Boden’s IT and security team. They also needed to find a way to monitor the security posture of endpoint devices and enforce policies that disallow devices that do not have updated antivirus protection, integrate and orchestrate IT and security resources for improved response, and automate and transparently implement network changes when a new device appears on the network without impacting user productivity or interrupting network services.
“Our initial implementation proved to be so well received that we promptly bought further network infrastructure into scope and continue to work with BlueFort to develop and expand the system. We enjoy working with the knowledgeable BlueFort team and would recommend them to anyone.”
Bernard Crane, Infrastructure Architect, Boden
Deploying a continuous validation platform to identify, protect and ensure compliance of all managed and unmanaged endpoints
BlueFort has a tried-and-tested methodology that is built on three continuous phases: discovery, validation and control. Closely aligned to established industry frameworks, including NIST, Cyber Essentials, and CTEM, BlueFort’s methodology is designed to help companies ensure they meet and retain the steps needed to be compliant, as relevant to their organisation.
Device discovery is a never-ending task, but the BlueFort team meticulously traced every endpoint that had access to the network, creating a network technology blueprint for all devices—known and many that were previously unknown.
Automated cycle of continuous discovery, validation and control
Following an initial assessment and armed with an accurate and detailed picture of Boden’s endpoint estate, the BlueFort team set about validating those devices, identifying if they had up-to-date security settings, understanding how, where, and what parts of Boden’s IT infrastructure they were accessing, looking at the permissions of those devices, and determining if the endpoints were even necessary or could be disregarded.
Having worked through the discovery and validation pillars of its methodology, BlueFort’s team turned to the control element. What Boden needed was a way to retain this new-found cyber visibility and make life easier for its relatively small IT and security team. The solution was to deploy a BlueFort continuous validation platform that continuously identifies, protects, and ensures the compliance of all managed and unmanaged endpoints—crucially without business disruption. BlueFort helped Boden quickly identify how and where to implement the solution in its network. Deployment took just three days in both the UK and US locations.
Using Evolve to expand the scope of cybersecurity awareness
The core tenet of BlueFort’s methodology is that a robust cybersecurity strategy needs to be a continuous cycle of discovery, validation and control. The methodology is never-ending, reflecting the always-changing nature of the threat landscape.
Following the successful deployment of the platform, BlueFort’s team remains actively engaged with Boden through its award-winning Evolve service offering, and it is continuing to expand the scope of its cybersecurity assessments. BlueFort’s Evolve service delivers unlimited, on-demand access to its cybersecurity consultants, providing deep industry expertise to ensure security tools are operating and performing at their maximum potential.