IT Provider Has Seen Success with WatchGuard for A Quarter Century; Offers Simpler, Stronger Protection with Authpoint
Challenge
Simple Soft Products (SSP) is celebrating its 25th anniversary this year. "And in fact, from the very beginning we have been deploying Panda Security's endpoint security solutions to our customers," says Jeroen Goorts, owner SSP. "With Panda Adaptive Defense 360, we are able to secure large numbers of users without spending a lot of time setting up all kinds of rules. Adaptive Defense 360 actually regulates itself. Did a user download an application? Adaptive Defense 360 makes sure it is safe to use."
It is this self-regulating feature that enables SSP to manage hundreds of PCs with a relatively small team of five. "However, when we got a new customer, we did have to do a lot of work licensing and installing the software. There was no API available that would allow us to do the rollout of Adaptive Defense 360 from our own management system."
Additionally, SSP faced another challenge. "We have large customers from the education sector in particular. They have a lot of personal data. In the back end, we do everything we can to secure that data properly. But do the users also have secure access to their PCs? "In the education sector, Google Workspace (formerly G Suite) is widely used. We were already using Google Authenticator, but that's actually a drag of a solution," Goorts continues. "You have to enter a pin code several times a day, and it's only valid for thirty seconds each time. The soft tokens themselves are not secure, and are therefore easy to clone and transfer to another device, so you still can't be sure that the person logging in is really the user. You also receive no notification if someone else tries to log in with your login details.
SSP has also been developing software for Kanjer training for ten years." This training strengthens students' social skills and promotes trust and safety in a classroom. An important product of Kanjer training is the digital Kanjer Tracking and Advisory System (KanVAS). This system includes a sociogram, a student questionnaire, a teacher questionnaire and a wide range of pedagogical advice. "But there is also a lot of personal data in there that we need to secure properly. The Kanjer trainer coaches can look into the results of the analyses at the request of a school.”
Solution
SSP’s onboarding issues were solved when WatchGuard Technologies acquired Panda Security in 2020. Goorts says, "WatchGuard's API allows me to now create users in WatchGuard Cloud, after which those users can download the software they need and activate their device themselves. The process is fully automated."
WatchGuard AuthPoint also solved SSP’s authentication issues. After entering username and password, the user receives a push notification on his or her cell phone. A “press accept button” is sufficient to complete the authentication process. Unfriendly PIN codes are thus a thing of the past. Because AuthPoint knows which device belongs to the user and where that user is located, it is not possible to log in with an unknown device. A cybercriminal who tries to log in with stolen login details will also be irrevocably caught out. The authenticated user receives the push notification and can say: “that wasn't me, I'm blocking this attempt." The administrator can also see in WatchGuard Cloud that the user has blocked a login attempt. With Google Authenticator, an admin would never find out if someone tries to log in with stolen credentials.
With regards to the Kanjer software, Goorts was also completely convinced when it became clear that AuthPoint's functionality – using WatchGuard's RESTful API – could be easily and quickly integrated into the applications SSP builds for its customers. Thanks to the integration with WatchGuard AuthPoint, Kanjer trainer coaches now also get a push notification when they log in and this process is also secured with the same multi-factor authentication.
Results
“WatchGuard Cloud is the single pane of glass for SSP to manage endpoints, AuthPoint, and Fireboxes. And all with the same login credentials," concludes Goorts. "I also use the API that I use for AuthPoint for the firewalls. It brings us the automation we need to offer our customers more with the same team."