Verco is a fictitious name for an actual organization. The company name has been changed to protect client confidentiality for the purpose of this case study.

Situation

Verco is a public service organization with a single office location in New York’s Capital Region. Verco was struggling to maintain an unmanaged network with approximately 20 workstations and users and requested that Vector One make general recommendations to help Verco make more effective use of information technology.  Vector One followed our standard project methodology:

  • Review the current environment
    through a combination of interviews with key stakeholders, manual review of system and network configurations, and use of automated tools.
  • Create a documented list of objectives and solution requirements
    along with anticipated budget for one-time remediation and ongoing maintenance.
  • Create solution design
    to meet client’s objectives and solution requirements within budget, with emphasis on overall security, usability, performance, and total cost of ownership.

Objectives and Solution Requirements

Verco identified the following as specific objectives and solution requirements:

  • Central administration and access for all IT assets and resources, including ability for authorized users to login to any workstation
  • Low administrative overhead / low total cost of ownership of IT environment
  • Scalability to support future growth
  • Ability to leverage internal network resources and “cloud” resources.
  • Good overall systems integrity, including
    • Security
    • Availability
    • Backup and Recovery
    • Performance
  • Feature requirements
    • File sharing with appropriate access controls
    • Print sharing
    • Email under Verco’s own domain name, rather than individual gMail accounts

Solution

Based upon Vector One’s understanding of Verco’ current environment, specific objectives and requirements, Vector One recommended and implemented the following:

  • Replace old Synology NAS appliance with new Synology NAS appliance
    • Leverage Synology Directory Service to emulate on-premise Active Directory at a significantly lower cost than a Windows server
    • File sharing for on-premise users via mapped network drive letters, automated via group policy
    • Leverage Synology Drive application as replacement for DropBox, extending on-premise file shares “to the cloud” for remote users, while maintaining centralized access controls
  • Join all workstations to domain environment
    • Provide centralized authentication and administration for workstations
    • Improve overall ease of use by automating user access to file shares while maintaining access controls
  • Migrated email from unmanaged gMail accounts to MS365 / hosted Exchange with Verco’s domain name.
  • Implement layered security for defense in depth
    • Replaced consumer grade router with business class firewall with advanced security features
    • Replaced open wifi with managed wifi, including private and guest wireless networks
    • Managed backup for all data, including centralized file shares, email and other MS365 data, and individual workstations.
    • Managed antivirus via Sentinel One EDR (Endpoint Detection and Response)
    • DNS filtering
    • Hosted mail filter via Zix / AppRiver
    • 24×7 monitoring and alerting of all critical system resources for conditions requiring attention
  • Ongoing support and administration under hybrid managed services model