Johnston Carmichael

“As a large team of Chartered Accountants based in Scotland we needed to control the use of USB sticks and other portable devices because of the security threats they pose – to add or remove data to/from our network and to prevent malware from being introduced onto the network via the same channels.

We wanted to implement a cost efficient solution that was both effective & affordable and that we could implement quickly on a tight budget to address the immediate business concerns. GFI was one of the first we came across which was reasonably priced and would do the job. GFI also seemed to have a good suite of other well-known products. We took the decision to progress with GFI EndPointSecurity mainly on cost-effectiveness but also on the invaluable pre-sales help afforded us by our supplier, Grant McGregor Ltd – other solutions were just too expensive or complex in comparison.

We have been able to readily prevent unauthorised use of non-approved USB devices firm-wide. GFI EndPointSecurity also provides some useful audit information on the data that is being transferred to approved, issued USB storage devices. IT now has far better control of our PC and Laptops systems and their everyday use in that we only allow the use of company-purchased and white listed USB drives by our audit teams. No other USB storage devices will work when plugged in.

Implementing GFI EndPointSecurity was also a smooth process for the organisation with everyone aware of the new security measures in place. We rolled out GFI EndPointSecurity in a slow methodical manner rather than a big bang approach and took time to inform our users. We were able to implement a solution to address a business problem without a big financial hit or an overly complex solution. I would say it has been very cost-effective in that the outlay was very acceptable compared to other similar products yet GFI EndPointSecurity fully delivers the level of control we were looking for.

Our main aim was initially to block rogue USB storage devices from our network. Once the policies were configured and tested we were able to roll it out firm-wide over a controlled period of time and it worked well. That met our initial goal right from the outset.