Sporton International

Certification Company Reduces IM Security Management Costs by 50 Percent

Sporton International Inc., the largest certification company in Taiwan, is privy to some of the most sensitive trade secrets of its customers, which include such technology leaders as Apple, HP, and Nokia. Sporton employees send 100,000 instant messages daily, but the company had no way to ensure that employees were not inadvertently sharing its confidential information with each other—or worse, with competitors. Also, its desktop antivirus solutions alone were not sufficient to detect IM-based viruses. Microsoft® Forefront™ Security for Office Communications Server now helps Sporton enforce corporate information-sharing policies in instant messaging (IM) conversations. It has reduced virus infections transmitted through IM-based file transfers by 20 percent and has cut the cost of managing IM security by 50 percent, a savings of U.S.$35,000 annually.

Situation

Sporton International Inc. is the largest certification company in Taiwan, servicing mobile phone manufacturers, platform developers, and companies that design integrated circuits, chips, and wireless RF devices. It certifies the safety, regulatory, and other compliance needs of some of the biggest names in business—Apple, Dell, HP, IBM, Microsoft, Motorola, Nokia, Samsung, Siemens.

We couldn’t find a solution to protect Office Communications Server…. Our only recourse was to build our own, requiring painstaking and time-consuming work.  David Feng IT Director Sporton

When performing certification testing, Sporton becomes the custodian of some of the greatest trade secrets of its customers: prototypes, often built with highly proprietary technology. Protecting these secrets must be paramount, especially since many of its customers are industry competitors, so Sporton must aggressively guard against any breaches of confidentiality—including within its instant messaging infrastructure.
 
IM is a primary means of communication at Sporton, with its 370 employees exchanging nearly 100,000 instant messages every day. Sporton had implemented Office Communications Server 2007 to provide enterprise-wide control over its instant messaging communications. Office Communications Server was selected because it provides employees an easy way to communicate, integrates seamlessly with Microsoft Exchange Server 2007 and Outlook 2007, and yet enables its employees to communicate with customers using popular IM software.

In addition to an enterprise IM platform, Sporton executives wanted assurance that employees could not inadvertently (or purposefully) reveal sensitive information to someone in another division or outside the company. And having experienced several virus outbreaks due to file sharing over IM, they were also concerned about IM-specific virus protection.

But, explains Sporton’s IT director David Feng, “We couldn’t find an adequate solution to protect Office Communications Server from these problems. Our only recourse was to build our own, requiring painstaking and time-consuming work.”

Sporton IT staff stitched together a patchwork solution. For anti-malware protection, the IT department relied on desktop antivirus software, enforced by a daily check to ensure that every client machine was operating with the latest signatures. While this worked well to protect desktops, it did not adequately protect the real-time instant messaging environment. For this, Sporton wanted protection at the server level to ensure that every message would be scanned before it was transmitted.

To protect against any sharing of proprietary information, the IT department used the built-in archiving mechanism of Office Communications Server to store every IM in an Office Communications Server database. The development team then created an application to query it every day for out-of-policy words and terms. The sheer volume of daily messages made this laborious work. It necessitated the full-time dedication of one IT administrator. It also consumed about a third of the IT security team’s time every day for daily modification of the queries, searching and analysis of the data retrieved manually, and review meetings with employees who broke the rules. In addition to diverting IT staff away from their regular duties, this work was, of course, after the fact. There was no way to query or block content in real time, so in the end, it could not prevent the leak of confidential data.

Solution

In March 2008, Sporton became aware of a new Microsoft product to protect its IM—Forefront Security for Office Communications Server—and joined Microsoft’s Technology Adoption Program (TAP) to access early releases.

Deployment took less than 20 minutes. Protection was immediate.  David Feng IT Director Sporton

“After several extensive production tests of Forefront Security for Office Communications Server Beta 1, we were satisfied with its quality and stability, so we decided to deploy it on two servers in our production environment,” said Feng.

The learning curve was minimal for staff, and, remembers Feng, “Deployment took less than 20 minutes. Protection was immediate.” It was particularly smooth because Forefront Security for Office Communications Server works similarly to other Forefront products Sporton had already deployed, including Forefront Security for Exchange Server and Forefront Security for SharePoint®. After implementation, the security administrator handled daily operations.

Sporton also deployed Beta 2 and Beta 3 into production, and before implementing each beta, the IT department tested the program, leaving Feng feeling increasingly confident about the stability of Forefront Security for Office Communications Server and the security it provided. Now (February 2008) the team is in the process of migrating to Office Communications Server 2007 Enterprise Edition 2007 R2 with Forefront Security for Office Communications Server RC.

As the company moves to Office Communications Server Enterprise Edition, it has also begun to use Forefront Security for Office Communications Server for federated protection of IM. The IT team configures federated organizations within Office Communications Server, thereby enabling internal users to communicate using IM with users of the federated organization. They communicate across the Office Communications Server Access Edge server role, which is deployed at the network perimeter. Since Forefront Security for Office Communications Server provides protection for the Access Edge role, IM communications from or to external users are secure.

Benefits

Using Forefront Security for Office Communications Server, Sporton has reduced virus infections transmitted through IM-based file transfers by 20 percent and IT costs to protect IM by 50 percent. Feng sums up the benefits for Sporton: “Forefront Security for Office Communications Server gives us the layered defense of IM communications we wanted—server-side anti-malware protection with multiple engines and automated keyword-filtering capabilities. We have not found any other product on the market that can provide comparable protection for Office Communications Server.”

Reduced viruses transmitted through IM-based file transfers and blocked breaches of confidentiality

A significant benefit to Sporton has been the increase in confidence in the security of its IM communications. Thanks to precise reports that Forefront Security for Office Communications Server generates, Feng knows that it is monitoring IM for the latest malware threats. Reports reveal that since its deployment, 20 percent fewer viruses have been transmitted through the transfer of files in IM.

Because inappropriate IMs can now be blocked in real time at the server, Sporton can be confident that instant messages won’t contain confidential information (trade secrets of its customers, say) or out-of-policy content (such as profanity). Since deployment, Feng’s team has found that it has blocked more than 100 instant messages containing nondisclosure information that, if made public, could have had serious legal ramifications for Sporton.

This confidence is bolstered by Sporton’s long experience with the multiple engine protection of Forefront Security products, to which Feng attributes his belief that “Microsoft can better protect Office Communications Server than non-Microsoft products.” He knows what he’s talking about, having tested both Trend Micro and Symantec messaging and collaboration protection products in the past. The tests found that neither company’s products could meet Sporton’s stringent security requirements.

Reduced the cost of security management by more than 50 percent

Automatically, without IT intervention, Forefront Security for Office Communications Server now handles everything the IT department used to take hours a day to accomplish manually—with greater accuracy and in real time. This has enabled Feng to return his IT staff to their regular duties, and reduced the total cost of protecting IM communications by 50 percent, saving $35,000 (US) annually.

In addition to the dramatic reduction in IT time, Forefront Security for Office Communications Server “provides an efficient, centrally managed security solution,” according to Feng. Notifications of out-of-policy activity and reports on viruses blocked give the IT department a clear picture of threats without any effort on their part. Because Forefront Security for Office Communications Server uses the same management interface as other Forefront products Sporton has used over the years, it also makes defining filters and other administrative jobs that much easier.

For More Information

For more information about Microsoft products and services, call the Microsoft Sales Information Center at (800) 426-9400. In Canada, call the Microsoft Canada Information Centre at (877) 568-2495. Customers who are deaf or hard-of-hearing can reach Microsoft text telephone (TTY/TDD) services at (800) 892-5234 in the United States or (905) 568-9641 in Canada. Outside the 50 United States and Canada, please contact your local Microsoft subsidiary. To access information using the World Wide Web, go to:
www.microsoft.com

For more information about Sporton International Inc. products and services, visit the Web site at:
www.sporton.com.tw/default_english.htm

Microsoft Forefront Product Portfolio

The Microsoft® Forefront™ comprehensive line of business security products provides greater protection and control through integration with your existing IT infrastructure and through simplified deployment, management, and analysis. Forefront is a comprehensive solution that helps provide protection for the client operating system, application servers, and the network edge.

For more information about the Forefront product portfolio, go to:
www.microsoft.com/forefront www.microsoft.com/forefront

This case study is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.

Document published March 2009