RJV ONVA

Secures the Government National Office’s, New Way of Working, with our Endpoint and Network Solutions

Overview

The “Rijksdienst voor Jaarlijkse Vakantie - Office National des Vacances Annuelles (RJVONVA)” is a federal institution for the calculation of the duration of employees’ annual leave and of the annual holiday pays for laborers and artists. Additionally, RJV-ONVA is the overarching organization for other holiday funds. Each year by the end of June, over 1.12 million receive their holiday pay from this civil service, which amounts to a combined total of over 2.24 billion euro.

Late 2015, RJV-ONVA has moved to new offices in the heart of Brussels. They have been designed more ecologically and in such a way that they suit RJV-ONVA’s New Way Of Working philosophy better. Employees no longer have their own desk, but they can work about anywhere in the building. Since 2017, the 233 employees can work from home several days a week. Furthermore, RJV-ONVA is actively promoting the paperless office.

"We have investigated all available vendors’ offering, more specifically how their solutions met the requirements that matter most to us, such as their use of available computer resources and their licensing model. Trend Micro emerged as the winner."

Emmanuel Lekeu,
Technical Operations Manager, RJV-ONVA

Challenges

The radically different office design has also impacted the ICT infrastructure. “Our end users today are very mobile. They can work from anywhere via a VPN connection, using various types of devices and accessing data wherever they reside: in the cloud, in our datacenter or locally on their laptop”, explains Emmanuel Lekeu, Technical Operations Manager of RJV-ONVA.

Given the extreme confidentiality of the data processed by RJV-ONVA, securing these data and the network is one of their top priorities. The challenge for the ICT department was not so much in deploying a secure network, but rather in securing the data while ensuring that the end user enjoys the same user experience regardless of the device they’re using.

"Trend Micro’s capacity to integrate with VMware was an important bonus, which our previous provider failed to offer."

Emmanuel Lekeu,
Technical Operations Manager, RJV-ONVA

Why Trend Micro

Prior to March 2010 RJV-ONVA was using a traditional antivirus solution. This solution was pattern-based, required much of the available computer resources and yet it didn’t provide a sufficient protection from all malware. Until 2014, all data were residing on the local mainframes. It was then decided to move all data to two external datacenters (in an active-active configuration) which host all 250 virtual servers.

As RJV-ONVA is a public institution, a cost/benefit analysis is required if the value of a procurement exceeds a certain threshold. Emmanuel Lekeu: “We have investigated all available vendors’ offering, more specifically how their solutions met the requirements that matter most to us, such as their use of available computer resources and their licensing model. Trend Micro emerged as the winner. Their capacity to integrate with VMware was an important bonus, which our previous provider failed to offer. Additionally, Trend Micro provides an all-in-one solution, which is a huge advantage for us. Last but not least: Trend Micro was among the first to use a licensing model per user instead of per device.”.

"One of the advantages offered by Deep Security is that your infrastructure is always protected from Zero Day-attacks, even before the required patches are installed. This enables us to test patches thoroughly, among others on their impact on the infrastructure, before actually installing them, while the system remains protected."

Emmanuel Lekeu,
Technical Operations Manager, RJV-ONVA

Solution

In 2010, RJV-ONVA started installing Trend Micro’s endpoint security solution on all devices, followed by the occasional update whenever required.

In June 2016, Trend Micro’s new offering, Deep Security, caught RJV-ONVA’s attention. Following a six month ‘Proof of Concept ‘, everyone agreed that this solution covered all of the organization’s needs. “In the past, RJV-ONVA did not always manage to keep security up-to-date on server level. One of the advantages offered by Deep Security is that your infrastructure is always protected from Zero Day-attacks, even before the required patches are installed. This enables us to test patches thoroughly, among others on their impact on the infrastructure, before actually installing them, while the system remains protected” says Emmanuel Lekeu. Today, Deep Security is fully up and running, and Threat Prevention (including intrusion prevention IPS) is active. The integration with all Trend Micro products leads to a faster malware detection. RJV-ONVA will also use micro-segmentation to optimize the network security in the future.

Results

RJV-ONVA employees can now work in a fully secured environment, faster than ever before. All devices run a virus dictionary, which requires less processing power and performs checks in the cloud in real time (smart scan leverages anti-malware and anti-spyware signatures stored in the cloud). And they benefit from the power of ‘machine learning’: when a specific document is considered safe by Trend Micro, this type of file will be scanned more quickly in the future.

The IT department is thrilled with this new solution, not in the least with the ease of use on management level. Trend Micro’s solutions can be deployed very quickly and all tools are very easy to configure. “It is obvious that this software is developed with a user-centric philosophy”, comments Geoffrey Lemaire, ICT Infrastructure Engineer at RJV-ONVA. “The implementation of updates has become less cumbersome as well, and processing malware has become daily tasking.”

RJV-ONVA is very satisfied with the quality of the solution. Not surprisingly: a research held by Smals ICT, service provider for the public sector, has ranked Trend Micro highest when it comes to protecting virtual servers and sandboxing.

What's Next

RJV-ONVA and IT partner Uptime are considering what next steps should be taken. They already use Trend Micro OfficeScan including XGen endpoint security. On the agenda now: purchasing a license for Smart Protection Complete Suite which contains OfficeScan XGen (v12). They also plan to evaluate ISWSaaS (InterScan Web Security as a Service). The goal is to provide the same security policy for web if the user is inside the company or in its home.

More and more often security is layered. “One can only consider a next layer when the previous basic layers are already implemented. You have to build it brick by brick. Our duty as an IT department is to follow the evolutions in technology very closely. That is why we are currently investigating sandboxing, a technology which analyses incoming files in an isolated environment in just a few seconds, before releasing it to the end user, who will hardly be aware of this slight delay. This type of technology, which combines an increased security with a continued smooth operation, is what we’re constantly looking for. 100% protection is an unattainable goal, because security consists of more than just solutions: it also depends on what the user does with the data. That is why education and awareness are critical, and among our top priorities today”, concludes Emmanuel Lekeu.