Palisade Turns To The Channel To Lock Down Data

For one Indiana hospital, that fear became a reality.

Gibson General Hospital, while trialing data loss prevention solutions, found that an ICQ message, a form of online instant messaging, had been sent from the hospital's email server to an outside IP address. Problem is hospital staff doesn't use ICQ. Sleuthing revealed that the IP address belonged to a company in India.

Then, Gibson General's IT staff discovered that its email server was frequenting Web sites from Russia that utilized ICQ messaging. From there, it was found that a huge amount of data -- sent in small packets -- was being pumped out of the hospital's server to servers all over the globe, meaning hackers were trying to use the hospital's network as an email relay station to disseminate spam.

Those hackers had already created two users on the network's email servers. For a hospital, a breach of that magnitude is a major HIPAA violation and a logistical and financial nightmare.

id
unit-1659132512259
type
Sponsored post

Gibson General's IT staff turned to Palisade Systems' PacketSure data loss prevention appliance. They flipped on the blocking feature, stopped the transmission of data outside the network and ultimately prevented patient data from spewing out of the network.

For a hospital, the after affects of such a breach can be devastating. For Palisade, however, it's something the company sees all the time.

Christian Renaud, Palisade's vice president of strategy, has stacks and stacks of similar stories -- hospitals, school districts, banks -- all organizations that think their data is locked down until PacketSure uncovers some hidden leak. Typically, he said, users get the first report, "freak out" and start filtering to prevent further leaks, essentially "making sure the ship's nice and tight so they don't end up on the front page of the paper."

Renaud said PacketSure offers data loss prevention, Web-filtering and protocol filtering in a single appliance that uses configuration wizards and offers unified reporting capabilities to show violations. The box runs both out of line and in line.

PacketSure is now in version 7.5, which adds instant message blocking based on user-determined content like keywords, numbered and other metrics; an enhanced discovery agent for data-at-rest; additions to its rules engine; an updated HTTP proxy that can set specific actions based on users or groups Web browsing; and SMTP proxy enhancements that control based on sender ID; and URL filtering bypass which uses passwords that enable chosen users to bypass Web filtering protocols.

And Palisade is turning to the channel to get the word out. All it takes is one example like Gibson General and a quick trial, and Palisade becomes a quick sell, solution providers said.

"Systems are not designed to protect against the threats that are out there today," said Greg Smith, vice president of sales for BorderLAN Security, a San Diego-based solution provider. "Every single time we put this product into hospitals there are infractions. Anyone who has confidential information needs to have some sort of protection, and most of them don't."

And shutting down those infractions, Smith said, tells the ROI story on its own.

"One of the ways we do this is we talk about the cost of information," he said. "The ROI is, we show them the infractions and show them what they're worth."

Palisade is making it easier for their stable channel partners to tell that story. The company recently launched a revamped channel program that offers streamlined technical support and sales training for its partners. Palisade's program was originally beta tested by 18 resellers last year. The goal was to recruit 60 partners this year. So far, Palisade's partner base hovers between 130 to 150 and is growing, Renaud said.

As part of its new partner program, Ames, Iowa-based Palisade recently unveiled the PSI Secure Assessment Program, which includes pre-configuration of the PacketSure appliance, data collection and sorting; the PSI Demo Pool Program, which gives VARs access to free evaluation units; the PSI Shadow Training Program, which shortens the sales cycle and learning curve by letting VARs work side-by-side with Palisade trainers through the sales cycle; and the PSI Deal Registration Program to protect margins.

Additional new programs include the PSI Extended Terms Program to boost cash flow by letting VARs procure multi-year licenses and only pay for one year at a time while receiving funding for the full term; the PSI Government Agent Program, which gives VARs resources to work with government organizations; and the PSI LS3P Program, a marketing program that lets authorized resellers spend market development funds on qualified leads already in the sales process.

Palisade also launched a new sales model where solution providers sell an extended maintenance contract and the hardware and software licensing are free, with the full package clocking in at roughly $150,000 for a 1,000 seat deployment for the three year deal. And the partners get paid up-front.

The program also helps partners launch a set of professional services around helping clients locate and solve their data leakage problem, Renaud said.

"It really horizontally expands their visibility into the organization," Renaud said.

Smith said Palisade takes a distinct approach to data loss prevention, offering filtering capabilities where others in the space tend to stick to forensics only, J.P. Ponkivar, BorderLAN sales engineer, agreed.

"The big value here is the ability to shoot things down before they leave," Ponkivar said, adding it's easy for him to implement. It plugs in in a passive mode and doesn't slow the network down, Ponkivar added, noting that after install policies are set up.

Last month, Smith said BorderLAN had closed four deals with Palisade in large hospitals, and the solution continues to gain traction.

"The play right now is in health care and financial, or anywhere that has patient or company information that needs easy to install data loss prevention," he said. "These companies can't afford to wait. The breaches are out there."