Case study: Save the Children
Save the Children is a popular target for cyber threats. The organisation needed a centralised security solution to align with its IT strategy.
Save the Children - September 2021
Save the Children is a popular target for cyber threats. Their goal was to regain control of their extensive IT estate.
Overview
Customer profile
Industry: Not for profit
Location: UK, Global
Endpoint Protection (EPP) and Endpoint Detection and Response (EDR) are particularly important for providing a baseline of security across Save the Children’s large, diffuse IT estate. In line with wider efforts to establish a more centralised approach to IT and security management, Save The Children needed a solution with a high level of functionality that could administer a large number of endpoints from a single point.
Save the Children is one of the most prominent international NGOs in the world, dedicated to improving and protecting the lives of children around the globe. Founded in the UK in 1919, it has helped to supply some of the most impoverished children in the world with access to shelter, food, safe drinking water, healthcare and education.
Due to the sensitive nature of their work, strong cybersecurity capabilities are extremely important.
Solutions provided
- WithSecure™ Elements Endpoint Protection
- WithSecure™ Elements Endpoint Detection and Response
Business results
-
More than 100,000 attempted malware infections are identified and resolved across Save the Children’s global infrastructure in an average month
-
The solutions continually block thousands of attempts by worms designed to hide in the system and download further malicious software
-
The partnership allows the management of around 8,000 software updates every month, with over 2,000 of those relating to critical security
The cyber risk for NGOs
As a well-known global NGO, Save the Children faces a high level of cyber threat. Charity organisations are a popular target for cyber criminals and are particularly vulnerable to disruptive attacks such as ransomware due to the critical nature of their work. More than a quarter of UK charities have reported being the victims of cyber attacks over the last year and there have been several prominent incidents involving large global organisations.
Accordingly, cyber security is a high priority for Save the Children. The organisation safeguards sensitive information relating to vulnerable children, as well as the personal and financial details of its staff, volunteers, and donors.
Mark Hawkins, Global Humanitarian Technologies Manager at Save the Children, comments: “We’re actually more at risk than most commercial organisations. Not only do we have a huge amount of data that is attractive to cyber criminals, but our status also means we’re a potential target for politically motivated attacks by state actors. Ransomware and data theft are the chief security concerns.”
He continues: “We also need to manage and secure a huge IT estate across the world in widely differing environments. Some locations have little infrastructure, so we need a reliable, flexible approach to security.”
Mark Hawkins, Global Humanitarian Technologies Manager.
"We’re a potential target for politically motivated attacks by state actors. Ransomware and data theft are the chief security concerns."
Searching for a reliable, flexible solution
As part of its commitment to security, Save the Children reviews its provisions every five years. Having implemented a strict procurement process, the organisation always puts out a tender when renewing or replacing solutions and services.
Endpoint Protection (EPP) and Endpoint Detection and Response (EDR) are particularly important for providing a baseline of security across Save the Children’s large, diffuse IT estate. In line with wider efforts to establish a more centralised approach to IT and security management, the organisation needed a solution with a high level of functionality that could administer a large number of endpoints from a single point.
Mark says: “The biggest question was: will it get the job done and reduce the threat against our organisation? We really needed something that would do what it says on the tin. The price point was also vital for us as budgeting is always a priority when it comes to public funds and donations.”
Mark Hawkins, Global Humanitarian Technologies Manager.
"The biggest question was: will it get the job done and reduce the threat against our organisation?"
Its position as an NGO also means that ethical concerns play a greater role than they do for most private sector companies.
Mark adds: “As an NGO, it’s particularly important for us to do due diligence on any company we work with. A lot of our funding comes from public organisations and governments, so we need to avoid suppliers that have known or rumoured connections to state bad actors. This was a prominent factor in our decision to move towards a new endpoint security provider.”
Flow has been a trusted provider for Save the Children for several years, working closely with the organisation on a number of IT and security services and solutions. During the tender process for this solution in particular, Flow introduced Save the Children to long-term vendor partner WithSecure.
Mark comments: “Flow is an excellent partner and very good at recognising and reacting to our needs. We have a strong relationship with them, so we knew we could trust their judgement when they recommended WithSecure as a supplier for our EPP and EDR demands.”
The WithSecure solution stood out from the competition as a well-established provider with a strong track record going back over 30 years. Its reputation as a highly ethical independent company was also an important factor.
Crucially, WithSecure also met Save the Children’s need for a tightly balanced budget.
“On the financial side of things, we always need the best value for money without compromising quality,” adds Mark. “When we get to the point of reviewing products there is a huge amount of competition in this space, so WithSecure’s ability to offer the same functionality at a better price point was a big win.”
Mark Hawkins, Global Humanitarian Technologies Manager.
"On the financial side of things, we always need the best value for money without compromising quality."
As a result of these factors, Save the Children opted to take on both WithSecure Elements Endpoint Protection and WithSecure Elements Endpoint Detection and Response to help protect its IT infrastructure.
Securing global IT estate
Once Save the Children selected Flow and WithSecure for this project, it began rolling out the solutions to its global IT estate in waves. The UK offices were completed first, accounting for around 300 fulltime staff. WithSecure Elements Endpoint Protection and WithSecure Elements Endpoint Detection and Response were then rolled out across the world to every endpoint in the organisation’s estate.
Mark comments: “The roll out went very smoothly and we needed little by way of support, even accounting for the areas where internet connectivity is unreliable. The fact that Flow manage the project so effectively and WithSecure agent sits on the endpoint itself is very useful for these areas.”
He continues; “Once the implementation was complete, we immediately saw the benefits of WithSecure’s accessibility. It’s now very easy for us to get real-time reports of performance and threat data from any of our locations.”
Mark Hawkins, Global Humanitarian Technologies Manager.
"Once the implementation was complete, we immediately saw the benefits of WithSecure’s accessibility. It’s now very easy for us to get real-time reports of performance and threat data from any of our locations."
Alongside the ease of implementation, Save the Children was also impressed with Flow and WithSecure’s flexibility when it came to uninstalling the solutions.
“This was important for us as it’s been an issue in the past,” Mark comments. “Some anti-virus can be so persistent it’s like a form of malware itself.”
Flow have delivered strong results in protecting Save the Children’s endpoints from cyber threats, with the support of WithSecure. More than 100,000 attempted malware infections are identified and resolved across Save the Children’s global infrastructure in an average month. In particular, the solutions continually block thousands of attempts by worms designed to hide in the system and download further malicious software. WithSecure also manage around 8,000 software updates every month, with over 2,000 of those relating to critical security.
Looking to the future, the organisation is considering expanding its relationship with Flow and WithSecure to include content filtering, another important requirement for the group.
“We need to ensure that none of our machines are used to access inappropriate content or anything that can expose our network to threats,” explains Mark. “Bringing content filtering under the WithSecure umbrella along with EPP and EDR will help us to improve visibility and meet our goal of managing everything centrally.”