A2U, an IGEL Platinum Partner, recently experienced a situation where one of its large, regional healthcare clients was hit by a cyberattack. “Essentially, malware entered the client’s network via a computer and began replicating like wildfire,” recalls A2U Vice President of Sales, Robert Hammond.
During the cyberattack, a few hundred of the hospital’s PCs were affected. Among those were 30 endpoints within the finance department that the healthcare organization deemed mission critical due to the volume of daily transactions between patients, insurance companies, and state and county agencies for services rendered. “It was very painful from a business standpoint not to be able to conduct billing and receiving, not to mention payroll,” said Hammond.
Prior to this particular incident, A2U had received demo units of the IGEL UD Pocket, a revolutionary micro thin client that can transform x86-compatible PCs and laptops into IGEL OS-powered desktops.
“We had been having a discussion with this client about re-imaging their PCs, but their primary concern was maintaining the integrity of the data that was already on the hardware,” continued Hammond. “HIPAA and other regulations meant that they needed to preserve the data and keep it secure, and we thought that the IGEL UD Pocket could be the answer to this problem. We didn’t see why it wouldn’t work, but we needed to test our theory.”
When the malware attack hit, that opportunity came sooner rather than later for A2U. “We plugged the UD Pocket into one of the affected machines and were able to bypass the local hard drive, installing the Linux-based IGEL OS on the system without impacting existing data,” said Hammond. “It was like we had created a ‘Linux bubble’ that protected the machine, yet created an environment that allowed end users to quickly return to productivity.”
Working with the hospital’s IT team, it only took a few hours for A2U to get the entire finance department back online. “They were able to start billing the very next day,” added Hammond.
DevOps: An unsuspecting target for the world’s most sophisticated cybercriminals
DevOps focuses on automated pipelines that help organizations improve business-impacting KPIs like time-to-market, product development speed, agility and more. In a world where less time means more money, putting code into production the same day it’s written is, well, a game changer. But with new opportunities come new challenges. Automated building of software that’s distributed by vendors straight into corporations worldwide leaves cybercriminals salivating over costly supply chain attacks.
So how does one combat supply chain attacks?
Many can be prevented through the deployment of security to development infrastructure servers, the routine vetting of containers and anti-malware testing of the production artifacts. The problem is that a lack of integration solutions in traditional security products wastes time due to fragmented automation, overcomplicated processes and limited visibility—all taboo in DevOps environments.
Cybercriminals exploit fundamental differences between the operational goals of those who maintain and operate in the development environment. That’s why it’s important to show unity and focus on a single strategic goal—delivering a safe product to partners and customers in time.
The protection-performance balance
A strong security foundation is crucial to stopping threats, but it won’t come from a single bullet. It takes the right multi-layered combination to deliver the right DevOps security-performance balance, bringing you closer to where you want to be.
Protect your automated pipeline using endpoint protection that’s fully effective in pre-filtering incidents before EDR comes into play. After all, the earlier threats can be countered automatically, the less impact on resources. It’s important to focus on protection that’s powerful, accessible through an intuitive and well-documented interface, and easily integrated through scripts.