The Ministério Público do Estado da Bahia (MPBA) is a key organization in Brazil, responsible for the defense of legal order, the democratic regime and social and individual interests in the State of Bahia. A key piece of executing those services for the state’s more than 13 million citizens is the organization’s technology, which includes more than 3,500 devices across 70 offices.
Four years ago, the government organization partnered with Forescout to ensure the compliance of those devices, quickly finding many that had been leaving the organization at risk. I sat down with Iaçanã Carneiro, Information Security Officer at MPBA, and IT Director Yuri Araujo to discuss the impact their compliance journey has had on their organization, both in terms of cybersecurity risk and freeing up resources to focus on long-term cybersecurity initiatives.
Why were your struggles with compliance so significant to the organization as a whole?
Our challenge was much bigger than just compliance – it affected the entire business. Whenever we had a security incident, our team struggled to determine what devices had been affected and how we could remediate it. We didn’t have a process in place to pinpoint problems, register them, mitigate them, and then prevent it from happening again. We were almost entirely reactive. That left our business at risk.
We knew we had to make a change if we wanted to ensure the security of our business going forward. We needed visibility across our 70+ offices and 3,400+ employees to enable our IS team with the data they needed to respond faster to incidents and be more proactive in preventing future events. We also knew we needed additional solutions, like device compliance and network access control, to ensure our devices were up to date with the latest antivirus agents, configurations and other compliance standards.
As a leader, what benefits did your team see from implementing new technology?
While we saw immediate security benefits, we also saw long-term business value. Our team has collectively saved 40 hours weekly by automating antivirus compliance checks and remediation, for instance. In total, we estimate we have saved more than $500,000 over three years due to IT security efficiencies and business productivity gains. That is invaluable to enable our small security team to focus on more strategic initiatives, which allows my team to grow professionally as well as better serve the business.
How did investing in device compliance allow you to better service your constituents?
When we put the visibility solutions in place, we got an immediate reality check that made me incredibly grateful we made the investment. Within just three days, our team found nearly 500 systems with broken, missing or out-of-date antivirus agents, using non-approved software and other compliance issues, and many missing patches and updates. We also found a number of users authenticated on several terminals simultaneously. Each of these points could have allowed an attacker to compromise our environment, putting our reputation and ability to serve our citizens at risk. Today, we have no machine without a fully functioning antivirus agent – we are 100% compliant.
How has having these tools in place better prepared you for today’s remote workforce?
For remote employees, we now have complete visibility into devices that are connected by VPN. This allows us to keep track of devices, even when remote, and apply policies when necessary to secure those devices and their access to internal systems.
What are your next goals as a cybersecurity organization?
Now that we have a strong foundation in place, we can now turn our attention to being much more proactive and strategic when it comes to our ongoing cybersecurity investments. This includes leveraging technologies like automation to improve automatic response to incidents, among other initiatives.