External Id
4

Modern user experiences from day one with pdf

Solutions

Products

MAX Burgers aims to provide high-quality food and an enjoyable experience for guests. The Swedish company has expanded into Denmark, Norway and, most recently, Poland. With this steady growth, security risks have become a greater concern. Instead of managing user privileges manually, MAX Burgers looked to implement a more efficient solution in the cloud and leave system maintenance to a competent technology provider.

  • Country

    UNITED STATES

  • Industry

    Food Services

  • Website

    maxburgers.com

Challenges

As ongoing growth increased potential security risks, MAX Burgers decided that privileged accounts with extensive system access needed stronger protection and control.

orange bg dots

Safeguard helps us address critical security concerns, and the support and technical expertise from One Identity are flawless..

Mangnus Johansson Solution Architect, MAX Burgers

Solutions

MAX Burgers collaborated with technology consultancy Arctic Group to implement One Identity Safeguard to secure privileged accounts and gain greater visibility of user activities.

Benefits

  • System access in minutes or hours instead of days or weeks
  • Building access cards in 2 days, not weeks
  • Directors save weeks annually
  • Stronger security and control

The Story

Identifying a best-fit solution for securing privileged accounts

The MAX Burgers IT team reviewed several privileged access management (PAM) offerings, including Safeguard from One Identity. Mangnus Johansson, solution architect at MAX Burgers, says, “Safeguard enables session-based authentication with activities logging and excellent traceability of user behavior. It suited us best because compared to competing products, it offers a more robust architecture, better integration capabilities and a more intuitive user experience.”

Strengthening MAX Burgers’ security posture and awareness

MAX Burgers collaborated with consultants from Arctic Group to implement Safeguard. The solution integrates with the company’s identity and access management technology (IAM) as well as Active Directory and Microsoft Entra ID, where all privileged accounts reside. Once onboarding is complete, it will fortify the security of privileged accounts for IT team members and consultants involved with technology infrastructure and software development. Automations will extend some access privileges requested by users. “The users are on our side,” notes Johansson. “They immediately accepted two-factor authentication and the fact that their access privileges now have a time limit. Overall, Safeguard has greatly helped us elevate security awareness across the organization.”

The IT team finds that Safeguard is easy to manage and configure to reflect the company’s account management practices. Safeguard features such as locking identities to prevent misuse make a big difference in the company’s security posture. “We now have better control and visibility of privileged accounts, so the company operates at a higher level of security,” says Johansson.

Although MAX Burger systems are still exposed to phishing attempts and other fraudulent or criminal activities that plague so many businesses, the actual risks have diminished. “Thanks to the account control and visibility Safeguard enables, we have reduced our potential attack surface and strengthened the security of the entire technology environment,” Johansson adds.

Ensuring account security as the business continues to grow

As MAX Burgers continues to grow in terms of accounts, locations and markets, its single instance of Safeguard will continue to ensure the integrity of privileged accounts. Says Johansson, “Safeguard will scale with us in a transferable, extensible configuration. In a new market, we can simply onboard additional privileged identities just like we have done so far.”

When it’s time for MAX Burgers to reassess the effectiveness of its IAM technology, One Identity will receive significant consideration. “One Identity provides strong, highly reviewed IAM solutions that would offer useful synergies,” Johansson says. “We have already seen that Safeguard helps us address critical security concerns, and the support and technical expertise from One Identity are flawless.”

Health Care Organization Speeds Up Recovery After a Ransomware Attack

A large health care organization uses Quest Recovery Manager for Active Directory Disaster Recovery Edition to get their environments back up and running after a late-night ransomware attack. 

  • Industry

    Health Care

Challenges

After a ransomware attack left the organization in need of recovery, the organization’s IT teams needed to determine which parts of their environments were backed up, which needed to be completely remade and how to get the infected portions out of their system in a timely manner to keep their health care operations as unaffected as possible. 
 

orange bg dots

Quest being available to assist in this situation was huge because everyone was scrambling trying to figure out where to start..

Former Employee

Solutions

Quest Recovery Manager for Active Directory Disaster Recovery Edition ensured that the organization’s primary forest was backed up and could be recovered within a day.  

Benefits

Assurance of patient care and quick restoration of business functions  
Fully backed up environments that can be recovered within a day 
Risk removal through in-depth cyber resilience  

The Story

Introduction

A few years ago, IT team members of a large health care organization got an alert in the night that there was suspicious activity going on in their Active Directory environments. A few hours of investigation later, they discovered that the organization had been attacked by ransomware. 
 
The teams rushed onsite to start the recovery process, but they were met with various problems that brought recovery to a temporary standstill. 
 

Growth Exposed Gaps in Recovery 

The organization had been undergoing many mergers and acquisitions. While they had Quest Recovery Manager backing up a portion of their environments, amidst the rapid organizational changes, the tool changed hands to new administrators and some forests had not been backed up. In addition, the company didn’t have a comprehensive business recovery plan in place either, meaning that their organization was offline, stressing the mission of continuous patient care at their hospitals and offsite locations. “Even though these companies will get a tool, they won’t have a plan,” said former member of the organization’s IT security team. “It’s not just the responsibility of IT and Active Directory administrators to make sure that they have their disaster recovery plan, but also the business plan.” 
 
The absence of a recovery plan resulted in one of the biggest issues they would face: IT administrators had no choice but to wait for the business side of the organization to determine priorities, procedure and protocol. This process took a while because legal and other branches of the organization had to be involved. “I think we as an organization weren’t prepared well enough from the business side in order for recovery to start moving really fast to not lose time and come back online and bring the environments back too,” commented another former employee. 
 
The clock was ticking, each minute the organization’s environment was offline and access to Active Directory was compromised, staff had to use pens and paper to maintain critical operations and assure patient care. The organization needed a recovery solution, and they needed it fast. 
 

Quest Cuts Recovery Time and Effort

Fortunately, the organization had already invested in Quest Recovery Manager Forest Edition to back up their biggest Active Directory (AD) forest and had implemented good practices. When Quest was alerted to the disaster the organization was facing, Quest offered an immediate upgrade to the Disaster Recovery Edition and expert guidance to get through the crisis. The Disaster Recover Edition helped IT recover that forest within the day, with automation both accelerating recovery time and improving accuracy. The former employees said that the solution’s automation, “Covered steps that we didn’t even know that we would have had to do. I can’t even imagine trying to sit there and do all these steps and read papers on how to do it natively.” 
 
To recover the other four forests that weren’t backed up with Recovery Manager, IT teams of at least two to three people took a few days each to recover since they had to rebuild from scratch. 
 
To prevent re-infection, Quest provided the organization the ability to reset privileged group accounts that were compromised, create a new administrative password and force the reset of privileged groups. With defence in depth, the stolen credentials couldn’t be used again by the cybercriminals who stole them. 
 

Lessons Learned

With the ransomware ordeal in rear-view mirror, the IT and security practitioners offer these recommendations for other organizations to avoid pitfalls and get their operations back online ASAP after a disaster: 
 
  1. Don’t wait for a disaster before setting up a recovery plan with both a technical and a business component. You need both to get recovery started ASAP and lower the negative impact on your business--for example, loss of revenue during the downtime, overtime costs and budget reallocation can prevent essential services such as third-party forensics.
  2. Practice table top exercises with scenarios such as being in network offline mode so everyone can understand how applications and services will perform. The exercise should include how business and IT should respond to make timely, informed decisions.
  3. Think of a disaster recovery plan and best-of-breed technology as insurance. You hope that you never have to use it, but industry trends point otherwise. Comprehensive, practiced disaster recovery plans help you and your colleagues sleep better knowing that if disaster strikes, whether from a simple mistake to a full-on ransomware and extortion attack, your team is ready for it.
  4. Budget for the increased storage space necessary for recovery. As your organization recovers, you need to set aside the infected areas for forensics and other review to see how the perpetrator got through, all while you’re trying to bring up the new environment. Many organizations don’t expect their environment to increase in size as they’re trying to recover, but it does and that’s something to keep in mind.
  5. In the event of company mergers and acquisitions, make sure to evaluate the new additions’ backup and recovery tools before IT budget decisions are made to ensure funding is available if the tools are outdated or inadequate.
 
“Quest being available to assist in this situation was huge because when everybody was scrambling and trying to figure out where to start, we had a Quest person who was totally concentrated on this one thing. ‘You can’t do anything until you do this, so let’s get this going. Let’s slowly start restoring and then we’ll go from there.’ That was huge.” 

Greater security through AD consolidation

Building material company uses Quest AD migration solutions to consolidate 31 Active Directory domains and 40,000 users into a single environment for their EMEA region, while enhancing security and avoiding disruption.

  • Industry

    Building Materials

  • Website

    https://www.holcim.com/

Challenges

Two leading companies in the building material industry merged to create one business, Holcim. Given the security risks associated with the high number and complexity of their environments — 31 different domains and around 40,000 employees — Holcim needed to find a solution that could consolidate their numerous Active Directory (AD) environments.

orange bg dots

The quality of the services that Quest offered to us was simply amazing..

Samuel López Trenado User Lifecycle Supervisor, Holcim

Solutions

Due to their complex environments, the Holcim team quickly realized that Microsoft proprietary tools were not equipped to tackle their elaborate consolidation. In the end, they chose Quest AD migration solutions for their convenience, efficiency and synchronization capabilities.

Benefits

  • Created a unified Active Directory.
  • Delivered a more controlled and efficient environment.
  • Ensured a zero-impact migration with no downtime or disruptions.
  • Increased security by reducing AD domains and shrinking the attack surface.

Holcim is a leading global building material company with a EMEA digital centre based in Spain, and specializing in innovative and sustainable building solutions. The company, birthed after the union of Lafarge and Holcim, two leading organizations in the industry, has operations in more than 70 countries and employs about 40,000 people in its EMEA region. When the company needed to consolidate and update its complex IT infrastructure after their merger, the team quickly decided it had to be done by Quest.

Before the companies merged, they had disparate Active Directory approaches. Holcim had a single Active Directory domain, while Lafarge had 30 separate Active Directory domains within a global forest – one for each country in which it operated.

Consolidating 31 Active Directory domains into one

Following their company merger, a companywide Active Directory consolidation project was defined to merge the 31 domains into a single environment. The consolidation project was led by Samuel Lopez Trenado, User Lifecycle Supervisor, who was working as the Active Directory team lead at the time.

The company chose this approach after acknowledging that having so many Active Directory domains was a security risk. “If you have more Active Directory domains, for sure you will have more security issues,” Lopez Trenado said. “You have more points where you could be compromised.”

To create a centralized system with optimal control and security, they needed a single directory structure.

Lopez Trenado analyzed the solutions on the market that they could utilize to achieve the most seamless consolidation. Due to their complex system integration challenge, the Holcim team quickly realized that Microsoft proprietary tools were not equipped to tackle the elaborate consolidation process that was ahead of them.

The team decided on selecting Quest AD migration solutions for their convenience and synchronization capabilities. The company also had previous experience with Quest’s professional services and were impressed by their efficiency. “In terms of proximity and quality of the services commitment and business understanding, I think that the professional services are much better than others,” Lopez Trenado said.

Seamless migration with no downtime or end user impact

Holcim used Quest AD migration solutions to successfully consolidate its AD structure with minimal impact on users and no downtime.

Once the domains and tools were prepared for the migration, the local IT teams in each country were trained on how to execute the migration. The team set up a tool management process that was administered by a central team and executed by each local team. This process allowed the local teams to choose the most convenient timing for their migrations to happen – a key aspect that the team wanted to ensure during their migration process.

“This is a capability which is offered by Quest, but for sure is not offered by the native tool,” Lopez Trenado said.

The threat of disruption and downtime was something that the company was very cautious of when choosing a solution for their migration. They wanted to ensure that their users would be impacted as little as possible throughout the process. They were relieved when they discovered that the only effect the migration would have on their users was a simple computer restart that could be done at the users’ convenience.

“After users restart their computer, they are in the new Active Directory domain and everything works as it was working before,” Lopez Trenado said. “This is quite efficient.”

Enhanced security post consolidation

Holcim approached their Active Directory consolidation project from a security, compatibility and productivity standpoint. Their consolidation allowed them to implement a single sign-on approach for their users, improving the efficiency and security of their organization. Their consolidation helped modernize their business and set them up for future success.

“The quality of the services that Quest offered to us was simply amazing.”

Samuel López Trenado, User Lifecycle Supervisor, Holcim

Lessons learned

To companies preparing for an Active Directory consolidation, Lopez Trenado recommends being very clear on each member’s roles and responsibilities from the start of the project. He also advises keeping a playbook detailing each step of the process, so it can be easily replicated and executed by others.

Lopez Trenado chose to trust Quest with Holcim’s Active Directory consolidation because he believes Quest has the highest quality of professional services, the most advanced capabilities and the best technical advantages.

“This is what makes the difference between Quest and the other solutions or other vendors that you might find in the market,” Lopez Trenado said.

Global positioning partner protects their systems and simplifies complex environment

Solutions

With data centers geographically dispersed throughout the world, Topcon Positioning Systems, needed a backup and recovery solution that protected all their systems and was simple to use with their physical and virtual servers. NetVault Plus replaced their existing backup and recovery platform because it was more cost-effective and could handle their data centers located in multiple locations.

  • Industry

    Global Positioning

  • Website

    Topconpositioning.com

Challenges

With data centers geographically dispersed throughout the world, Topcon Positioning Systems needed a backup and recovery solution that protected all their systems and was simple to use with their physical and virtual servers.

orange bg dots

I’ve been with Topcon for 11 years, and I have said jokingly I would quit my job if they ever got rid of Quest® NetVault® Plus and QoreStor®..

Ernie Vega IT Manager

Solutions

Topcon Positioning Solutions deployed NetVault Plus to replace their existing backup and recovery platform because it was more cost-effective and could handle their data centers located in multiple locations.

Benefits

  • Reduced backup and storage requirements by 90%
  • Simple to use and deploy in multiple international locations
  • Protects all their systems, applications and data with a single solution
  • Gained disaster recovery readiness using backup replication to multiple sites

The Story

Topcon Positioning Systems, Inc. (TPS) designs and manufactures precise positioning products and solutions for global surveying, construction, agriculture, civil engineering, mapping and GIS, asset management and mobile control markets. The company has worldwide employee operations and dealer networks. Topcon Corporation was founded in 1932. It is the parent company of TPS and is traded on the Tokyo Stock Exchange.

Backup and recovery they can trust

Topcon Positioning System’s IT team has been a loyal customer of Quest since 2013. When the time came to upgrade their existing backup platform with a more cost-effective solution that could protect all their systems, applications, and data, their decision was easy.

After consulting with their Quest sales representative, Topcon chose NetVault Plus, which is a bundle of Quest NetVault enterprise data protection software with Quest QoreStor data deduplication, replication and cloud connection software.

“We didn’t have enough storage capacity and our backup platform needed to be replaced, so we invested in Quest NetVault Plus because it made sense for us financially and we could see that it could do the job,” said Ernie Vega.

Their organization had a complex IT infrastructure that would benefit from enterprise-class, cross-platform data protection that’s easy to use right out of the box and scales easily to accommodate data growth. They wanted to protect a variety of servers containing petabytes of data — from one web-based console. And they wanted support for multiple operating systems, applications, databases and storage devices. Such cross-platform versatility makes it easy to tailor NetVault Plus to match its IT infrastructure’s ever-changing and complicated landscape.

Cost-saving investment

As in most companies, budgets are shrinking, and funds are limited. NetVault Plus gave Topcon an affordable solution that reduced storage requirements by up to 90% and significantly reduced on-premises storage costs.

“Look, we’re saving a lot of money with Quest because we don’t need to worry about more capacity and more space for backups” said Ernie Vega.

Powerful disaster recovery strategy

In the United States, Topcon has six data center locations that send their replicated data to Livermore, California, as a secondary backup location as part of their disaster recovery strategy. In turn, anything unique to their Livermore location goes to Olathe, Kansas, where they have the exact same setup in place. With NetVault Plus, they can take advantage of powerful replication, deduplication and secondary storage options.

It didn’t take long for the NetVault Plus results to reach their Moscow location. “After hearing about our success, I flew out a couple of times to set them up and show them how it works, and now they love it.”

Quest has an intelligent, automated deduplication aware balancer that spreads the load dynamically, keeping “like” data together while spreading the load across any number of QoreStor servers. This keeps storage efficiency and performance high, reducing the risk of segregated data chains while simultaneously simplifying management tasks since the rest of the system treats it as if it were a single device. The storage pool becomes a logical representation of all storage. You would have just one storage pool and start with one QoreStor instance. When you’re running low on storage space, you can simply add another QoreStor instance into the mix.

Ernie Vega went on to say, “It’s nice because our backups happen in the expected timeframe, and we’re seeing a lot better performance over in the entire network.”

Protects systems applications and data

Topcon also wanted to simplify backup and recovery for their large, complex IT environment and protect all applications and data on-premises, in remote offices— from one intuitive console — with a scalable backup and restore solution.

They wanted a solution that they could eventually grow into with capabilities to protect Windows and Linux servers along with Office 365, Exchange, SQL, SharePoint, Oracle, SAP, SAP HANA, DB2, MySQL and many other applications in physical, virtual and cloud environments. And they wanted to support a wide range of storage, including SAN, NAS, VTL and tape, depending on the requirements of their various data centers.

Ongoing Quest support

Quest has a wide range of service and support features, including a knowledge base, user forums to connect with peers and technical documentation. Over the years, Topcon has had two sales representatives with whom they have built both professional and personal relationships with over the years. They often reached out to them with questions, confident they would hear back from them in a timely manner.

Ernie Vega stated, “We don’t have many backups issues, or at least we haven’t so far, but we know we can reach out at any time to support or any of our sales reps for assistance.”

About Quest

Quest creates software solutions that make the benefits of new technology real in an increasingly complex IT landscape. From database and systems management, to Active Directory and Microsoft 365 migration and management, and cybersecurity resilience, Quest helps customers solve their next IT challenge now. Quest Software. Where next meets now.

Government agency enhances cybersecurity

Solutions

orange bg dots

The hardest part of risk mitigation is actually communication — getting business users to understand why changes are necessary. BloodHound Enterprise gives us a clear visualization of the attack paths in our Active Directory so business users can see for themselves the urgency of removing certain permissions..

Information Systems Manager, State Department of Transportation

Quest SharePlex Aids Global Telecom in Data Replication, Availability and Disaster Recovery

orange bg dots

SharePlex is being used extensively in our organization. It’s part of our DNA, primarily when it comes to high availability of applications and maintenance....

Abhijit Arun Gujare Senior Oracle DBA at Cisco IoT

Building technology firm reduces enrollment time by 75 percent

orange bg dots

In the year we’ve been using KACE Cloud MDM, they’ve made more progress on it than we’ve seen in five years with most of our other IT products..

Erik Rastelbauer, IT project manager

Retailer Ensures PCI DSS Compliance

Solutions

orange bg dots

For PCI DSS compliance, we have to have turn on all native logging and provide auditors with complete logs for the past year…. Without InTrust, we would have run out of space a long time ago. .

Enterprise Administrator, Large Retail Chain

MSP avoids appliance capital expenses, offers clients software-based disaster recovery

Solutions

Challenges

EDSI’s small and medium business (SMB) clients needed backup and disaster recovery but could not afford dedicated appliances and software licenses for six
to 20 TB of storage.

orange bg dots

We like having the flexibility to implement QoreStor as a virtual appliance on any hardware we already have. It helps us sell even more..

Jeff Manuszak, CTO, EDSI Inc.

Solutions

Through Quest’s MSP program, EDSI uses QoreStor to offer software-based data protection services through Veeam Backup & Replication, with and without the CapEx of appliances. They can add licenses and increase storage space as their backup and recovery business grows.

Benefits

  • Assured SMB clients of smooth, scalable path to disaster recovery and backup using software
  • Lowered storage requirement through source-side deduplication when creating backups and replicating
  • Enabled support for Veeam repository without expensive, enterprise-grade license

School system deploys Windows images to more than 15,000 laptops across 27 sites in six weeks

orange bg dots

Seeing 1,200 machines being imaged in a single day was just extraordinary for us..

Service Desk Lead, Public School System
Subscribe to U.S.