CGW (Cooper Grace Ward) is a multi-award winning Australian law practice formed in 1980. The firm offers a full range of commercial legal services to clients across Australia and internationally, focusing on the areas of corporate and commercial, property, litigation, insurance, and family law.
The growing team includes over 235 users across the entire company network, with several employees often working offsite–some from remote client locations. A robust and cost-efficient IT infrastructure is critical to the team.
IT Manager Jason Mills explains: “Being knowledge workers, our staff are on their computers nearly all day, and the speed of applications and overall reliability are essential requirements.”
CGW invests in building an agile IT infrastructure to accomplish this and is one of the few legal firms in Australia to have successfully virtualized 100% of its servers.
VMware View and VMware vSphere enabled Cooper Grace Ward Lawyers to implement a “flexible device policy” and develop a highly efficient application deployment, upgrading, and patching strategy.
“As we were completing our server virtualization we realized that our desktops needed a refresh. We reviewed the cost and benefits of a new Virtualized Desktop Infrastructure (VDI)–as opposed to physical desktop infrastructure. While VDI was not the cheaper option, there were several important benefits for our business and it was clearly the way of the future. Ultimately, we did not want to invest in an upgrade that could become obsolete,” says Mills.
The firm’s pilot of VDI was very successful but it was felt that stronger managed security was required.
“We had to rely on our cloud-based, non-Trend Micro protection as we did not have any end-point virus protection. This was a big risk as our users visit a wide range of websites every day, potentially exposing their PCs and the network to cyber-attacks or malware. Employees also receive USBs with client documents and while our IT department scans those used in our office, there’s no provision to run these checks if they plug a device into their laptop from a client’s office,” says Mills.
CGW knew it had a significant risk profile and stakeholders were concerned that apart from the time and resource costs associated with restoring a system after any attack, the productivity loss would directly impact profitability.
"We don’t need a large administrative overhead to run Deep Security. It’s always on and always up to date, acting as IT’s eyes and ears, from a network point of view."
IT Manager, Cooper Grace Ward
“We are a law firm and bill per six minute block. If we have an outage, it could potentially cost the business several thousands of dollars in lost revenue. It was therefore diligent of us to ensure we had the right level of granular level scanning at each desktop,” adds Mills.
The firm tried using its existing Trend Micro OfficeScan in their new VDI environment but it was apparent that this solution was not designed to cater to the new requirements, like boot storms.
“Running local scans on a VDI environment causes a massive overhead, overwhelming the host. We wouldn’t get the scalability we needed from our environment, blowing out our costs,” says Mills.
CGW decided to call Trend Micro to discuss its new challenges. “We know from experience that when Trend Micro delivers a product, it is fit for market," says Mills. "The team is also ready to help you work through any teething issues, which was important because we were just starting our desktop virtualization journey.”
Trend Micro suggested Deep Security and CGW started a trial, even running several USB penetration tests. By using the vShield Endpoint and Trend Micro Deep Security virtual appliance, the need for separate security agents on each virtual machine was eliminated–significantly increasing performance and virtual machine density.
“The trial showed us that Deep Security was clearly ahead of the game," explains Mills. "There was no other solution that leveraged the vShield architecture to allow anti-malware scanning inside of the hypervisor. Also, it had minimum impact on our VDI and we were able to keep costs down, as no additional hardware was needed to cater for virus scanning.
The decision to go with Trend Micro was an easy one for all stakeholders and deployment was seamless.
“Our system administrator said it was one of the quicker applications to deploy," Mills says. "You just deploy the OVF template, do some minor configuration and the next thing you know you’ve got virus protection running. In fact, Deep Security is so easy to use that we’ve even been able to do some subsequent upgrades ourselves.”
A big advantage for CGW is the high level of automation built into the Trend Micro solution.
“We don’t need a large administrative overhead to run Deep Security," says Mills. "It’s always on and always up to date. It acts as IT’s eyes and ears from a network point of view. This means my team does not need to be paranoid about security or rule with an iron fist by setting onerous rules that usually affect productivity.”
An employee recently used an infected USB from a client and Deep Security issued an instant alert that a virus had been picked up and removed. “All we did was have a quick chat with the employee to confirm where the USB had come from and we were able to let that client know that their security had been compromised.”
For CGW employees who travel and have to connect from remote sites, having a familiar work space is invaluable to their productivity.
“Our users are now able to work securely from any device wherever they are, be it Sydney or New York," says Mills. "They can load their desktop and it has all their own profile settings. The feedback I get about this is outstanding and it positions my team as being on the front foot.”
With cyber threats on the rise, a large part of managing security is maintaining confidence in security measures.
“Almost every week I get an email from an employee or partner concerned about a new cyber threat that has affected a company they know–or an attack mentioned in an article they read," Mills says. "It is then up to me to convince them about our security measures by sharing information about Deep Security. After that conversation they are confident that we’ve done enough to mitigate our risks.”
Without having to deal with security concerns in their VDI environment, the team has been able to spend more time on innovation.
“Being an IT manager looking after a complex environment, it’s ultimately my responsibility to ensure our network is protected and Deep Security gives me the peace of mind that we have achieved that,” Mills says.