Vistaprint

View Vistaprint Case Study

Vistaprint Taps ForeScout CounterACT for Endpoint Compliance

“CounterACT is quickly becoming a verb at Vistaprint. For example, people will say: ‘You need to know xyz about xyz system? CounterACT it!’”

– Christian Ponce, Manager of IT Audit and Compliance

Challenge:
  • Vistaprint employs over 3,600 people, operates more than 25 localized websites globally, and ships products to more than 130 countries around the world.  The company’s network consists of more than 15,000 endpoints, which include servers, desktops, laptops, and personal devices.
  • Tightly manage endpoint compliance on all devices—physical as well as virtual machines—in order to reduce business risk.
  • Comply with privacy and other industry regulations such as PCI.
  • Obtain real-time visibility into the security posture of all devices on the network, without using agents
Solution:
  • “We were looking for a solution that could easily scale across our global environment and that could be managed via a single console. The solution needed to be agentless, extremely user friendly, and meet the needs of several different IT management teams: the asset management team, server team, information risk management team, and the desktop team. Since most of the NAC solutions we looked at were agent based, we zeroed in on ForeScout CounterACT.
  • It took only five days to deploy CounterACT across their entire environment, monitoring all 15,000 endpoints and servers.
  • With CounterACT, they were able to map out their environment with almost 100% accuracy. CounterACT’s out-of-the-box policies and checks could set, monitor and enforce policies as needed.”
Results:
  • Endpoint Compliance: While Vistaprint had several existing systems for tracking endpoint visibility and compliance (e.g. Microsoft SCCM, etc.), they all had limitations. Immediately after installing CounterACT on the network, Vistaprint discovered a number of issues that required immediate attention. On an ongoing basis, CounterACT helps Vistaprint reduce risk by identifying and eliminating unauthorized applications, ensuring that all systems are properly patched and updated (Windows, Flash Player, Adobe Reader, etc.), ensuring that antivirus is installed and up-to-date, and ensuring that full disk encryption is running wherever it is supposed to be.
  • Software License Management: “The Asset Management group can look at all servers and on the fly pull a report that shows what applications are being run, whether the software is covered by our licensing agreement, and decide to remove or update software as needed. The use of CounterACT to support our license management efforts has enabled us to get a more accurate read on what we need, putting us in a much stronger position to negotiate licensing. CounterACT’s impact on licensing alone has already had a direct, positive financial impact on the company.”
  • PCI Compliance: ”Prior to CounterACT, it was difficult to tell which company-issued laptops were compliant with our PCI policies. For example, our laptop configuration standard requires a certain version of the operating system, antivirus, full disk encryption, and all Windows patches installed. We also have a requirement for employees to sign our acceptable use policy (AUP) every 365 days. CounterACT solves all of these problems elegantly and efficiently.”