Symantec and Aurora Secure Sensitive Communications for Nevada’s Public Employees
• Wanted to integrate email infrastructure with the centrally managed PGP Gateway Email Encryption.
• Wanted to integrate Email encryption with existing Mail Hygene Solution (Brightmail) and DLP (Vontu) for seamless policy creation and content aware email security.
• Needed to secure email to comply with HIPAA and PHI
“The engineer that assisted us with the installation process was very knowledgeable about the product. The guy is awesome.”
– Chris DeSocio, State of Nevada Public Employees Benefits Program
The office of the state of Nevada’s Public Employee Benefits Program (PEBP) is responsible for providing medical and dental benefits for all of the state’s employees and retirees, as well as their dependents. In 2000, the agency covered approximately 33,000 people. Today, that number has grown to 77,000. But Chief Information Office Chris DeSocio reports that the agency has been able to process the escalating number of transactions without adding a single full-time employee.
The agency relies heavily on technology – particularly Symantec products – to maintain its efficiency and security standards, as well as those mandated by government and industry regulations, without hiring additional staff. This is a full-time job in itself, and in 2011 required the launching of several technology projects, one of which focused on data security.
“We were looking to meet a requirement that was being advanced throughout the industry to up our game in regards to compliance with HIPAA regulations and protecting PHI,” DeSocio recalled. “We wanted to use the DLP system we already had in place to enable us to create policies that would trigger secure emails, and enable our staff to send and receive encrypted email messages that contain PHI and HIPAA related data when necessary.”
The initial impulse was to stay with Symantec, which had already served PEBP well as a solution for file transfer, automated encryption and the transfer of large data packages via FTP. However, the agency also investigated other solutions that were available to integrate with Brightmail and Vontu.
DeSocio already had experience with other solutions through the agency’s trading partners, many of whom used different email systems. “I did some research, enough to get a feel for them,” he explained. “Some are good, and some are not so good.” Among the candidates were ZixMail and a Cisco solution, which DeSocio dismissed as “too expensive, too convoluted, and more difficult to integrate.”
“I came to the conclusion that the PGP system has the most flexibility, the most unique and comprehensive capabilities, is the most configurable, and was a very user-friendly interface. A lot of the other solutions would require much more effort,” DeSocio said.
The agency contacted Aurora on the recommendation of Symantec. “This project focused on determining sensitive data, routing it properly, and securing it with PGP encryption,” explained Dennen Monks, a security architect and Professional Services Engineer at Aurora.
There were several challenges Aurora would have to overcome, among them a complicated routing and VLAN structure and the integration of multiple appliances and server applications.
“Aurora’s task was three-fold: to set up the PGP Universal Server infrastructure, to integrate the communication between Symantec Brightmail MTA, Symantec DLP, and PGP Universal, and to provide full knowledge transfer during the consulting engagement. Aurora’s understanding of all three solution sets allowed for quick and robust integration and strong central policy creation,” Monks said.
“It went very well,” DeSocio reports. “We were very pleased with the systems they gave us on the front end, as far as the licensing and acquiring the software. And the Aurora engineer Dennen, that assisted us with the installation process, was extremely knowledgeable about the product. The guy is awesome.”
As a result, PEBP now has a verbose secure email encryption solution in place, based on trusted DLP policy. “We’re very happy with it,” DeSocio says. “Whenever we have a question or an issue Dennen is always more than happy to put in the extra effort to take care of it.”
The agency has now set up an ongoing service agreement with Aurora. “The agreement enables us to contact them if we have an engineering issue we can’t solve ourselves, so they can remotely look at the problem and provide a solution,” DeSocio said.
Aurora provides comprehensive security consulting services for mid-market and enterprise level customers. Our security assessment services are centered on Application Security, Network Security and Endpoint Security. From quick Vulnerability Assessments to deep dive Security Strategy Development, our security professionals include practical recommendations with a holistic approach to information privacy. Aurora specializes in implementing solutions that cover Web Security, Email Security, Endpoint Security, Application Security and Data Encryption. Solutions are customized to the customers’ environment and preferences. We encourage deployment flexibility by providing solutions in the form of software, appliances, virtualized solutions and SaaS.