Cybersecurity topics usually revolve around malicious actor activity and solutions to threats, shedding little light on IT managers’ role in implementing company-adjusted security strategies. Lack of focus on how IT managers deal with high-level decision-making to fulfill organizational security requirements often disrupts effective prioritization and time management. Companies, especially startups and fast-scaling businesses, have little freedom to waste resources as the priority is to develop trusted, high-performance products.
An intelligence company DataWalk (www.datawalk.com), that daily processes large-scale data resources for enterprises and governmental agencies, is no exception. A team of 130+ employees in Poland, the UK, and the U.S. develops data analysis software revealing hidden patterns and connections of fraud and money laundering in business operations. While creating a trusted and high-performance product, Thomas Vodrazka, DevOps Engineer & Deployment Architect, shares his perspective on building and carrying out the cybersecurity roadmap to success and the challenges underway since day one of the company.
The Challenge: DataWalk pursued a low maintenance business-level cybersecurity solution
DataWalk started off with a team of just a few people and a goal to develop a trusted and competent analytical business intelligence platform. A small company means having a limited number of hands to work on the technology that catches bad actors. Still, it didn’t last to draw the attention of financial institutions and federal agencies that needed an analytical tool to detect fraudulent activities.
The company handles big data with relatively sensitive information, so security is one of the highest priorities for DataWalk. The software provider operates on AWS cloud service to make use of different settings, including demo trials, testing, and offline data handling environments. Added to a growing number of international team members, the traffic load increased over the company network.
“In the beginning, in-house VPN and servers were sufficient for a small company. However, local VPN is limited when handling rapidly growing traffic when a company starts scaling on the scope of service and internal user number.”
In search of alternatives, a quick solution to reduce traffic on local servers by transitioning part of DataWalk traffic to a shared IP environment made sense. It’s cost-friendly, and maintenance falls under third-party responsibility. However, even though a public server proved optimal, the risk of having clashing scripts with other server users was very considerable. Besides, a shared gateway has configuration limitations that make protection a variable factor for a company that requires a secure environment to deliver services.
“As an IT systems administrator, you have to supervise many different areas to ensure that business operations and security policies run smoothly and sufficiently. Time is critical when you are a small workplace team, so, naturally, your preference is to find a solution that covers your back,” notes Thomas Vodrazka.
A security service provider that offered VPN with a dedicated IP option was something in between a self-maintained local server and a public gateway — it provides security and relieves the burden of its maintenance. Still, how do you combine additional security integration into the company infrastructure as easy to use as a consumer-focused solution?
The Solution: NordLayer provides a configure-and-forget solution to reduce IT managers’ workload
Being in the front lines of the company development process from the beginning gives the most freedom - and simultaneously as much accountability - to try out solutions that might work on the organizational level. Once implemented, systems needed additional reimbursement of security levels, and DataWalk turned to end-user-friendly solutions.
“I’ve been already using NordVPN for my personal use together with the CTO of the company. The service and interface had all I needed, so I started asking around if there was a business version of it — not much later, we moved to NordLayer with the whole company.”
Primarily, DataWalk uses NordLayer “to safely access company resources from anywhere the team is connected from,” Thomas Vodrazka adds. The distance for an IT manager sometimes may come as an inconvenience if the setup of new tools is overly complicated for the rest of the employees.
The solution must be suitable from end-user and IT admin perspectives to install and manage the tool to reduce company personnel onboarding and time delays. The criteria of simple integration apply for solution compatibility with other service providers to uplift, not contradict, absolute security and operational company ecosystem.
Additional NordLayer solution features like Remote Desktop Protocol (RDP) also proved valuable if there is a more constant need to troubleshoot and access colleague end-point from a distance. Virtual assistance is a lifesaver for IT admins when positioned in different places of the world and a remote team lacks the knowledge or skills to resolve the issue themselves.
The Outcome: Fast and easy deployment accomplished effective network infrastructure upgrade
IT system administrator is the end-user himself, so easy technological upgrades and integrations to the company systems leave more space to plan and test customized cybersecurity strategies preparing for the best and worst security scenarios.
“Knowing that I don’t have to worry about VPN lets me save time and put it to better use,” notes Thomas.
One of the NordLayer strengths is its deployment within minutes — a straightforward installment process launches security measures seamlessly adapting to existing company infrastructure. DataWalk utilizes two Virtual Private Gateways in the U.S. and Europe — all the administrator has to do — is “configure it once and don’t think about it again.”
According to Thomas, “Configuration was within 20 minutes — blocked public access and changed the IP address. It was as easy as it sounds.”
NordLayer assists IT systems administrators with a centralized Control Panel, facilitating internal auditing. Plus, if your team runs into any issues they can rely on 24/7 ready-to-help customer support team.
Once selected the right-fit tools for the organization, it’s just as important to stay aware and combine best cybersecurity practices even though how little and uncritical they might seem at first sight. Therefore, DevOps Engineer & Deployment Architect Thomas Vodrazka reminds every IT manager to:
Keep an eye out for timely password rotation, and use password sharing tools with your team to avoid any undesired accidents
Never underestimate the importance of Two-Factor Authentication (2FA) to verify identities within the company network
Use Single Sign-On (SSO) for an additional layer of security within the systems.
Limit access to your company resources to a dedicated pool of IP addresses.
Consider minimizing time spent on complex or unnecessary workloads every IT manager has to deal with daily? Contact our team to learn more about how adaptive and easy tools can prove compelling and efficient for your cybersecurity approach.