EPAM Systems, a leader in the IT sector, found itself at the forefront of managing the complexities of BYOD security, expanding cybersecurity regulations, and needing to address the increasing risks from WFH programs. Verifying whether personal or corporate-owned devices met strict internal compliance standards before accessing the enterprise resources became imperative, as well as the need to ensure that every file was free from malware or vulnerabilities before being uploaded to their central storage.
Security, Compliance, and Efficiency
In response to these challenges, EPAM turned to OPSWAT for a comprehensive cybersecurity solution that would enable them to maintain a secure work environment without compromising on efficiency. They adopted MetaDefender IT Access, which empowered them to conduct thorough device security and vulnerability checks, compliance validation, detection of unwanted applications, and advanced threat detection.
In addition to controlling and monitoring access to IT systems, EPAM also seamlessly integrated MetaDefender Cloud with Deep CDR and Multiscanning technologies to protect corporate and customer information that was uploaded into their central storage. MetaDefender Cloud allowed EPAM to implement a detection-based approach to file security (Multiscanning), while also preventing hidden file-borne attacks by deconstructing and regenerating sanitized, safe-to-use files with Deep CDR.
We are also migrating our system’s file storages to a central storage platform, looking for a secure way to verify all the files uploaded are safe and clean for our storage—I was glad to be exposed to the OPSWAT MetaDefender platform. It’s a fantastic solution—in the cloud or on-prem—to check any file before it’s uploaded to our systems. We use both Multiscanning and Deep CDR technologies to verify that no malware or vulnerability is entering our central storage that includes our corporate and customer’s sensitive information.
Miroslav SklanskyHead of Information Security Technology at EPAM
Device Visibility, Control, and Compliance
The implementation of MetaDefender IT Access brought transformative results for EPAM.
- EPAM has visibility and control over more than 70,000 devices distributed among nearly 40,000 global employees, clients, and contractors.
- EPAM can validate compliance with security and access control policies.
- Remote users can securely access the network using their personal devices with confidence.
With OPSWAT, we get visibility and control—with high confidence—into every remote user’s security compliance posture regardless of where they are and what device they’re using,” says Miroslav Sklansky, Head of Information Security Technology at EPAM. "Once the agents were deployed, we were quickly able to validate more than 70,000 remote user devices’ security before accessing our network, with no impact to productivity. OPSWAT’s products are crucial parts of our zero-trust strategy.
Miroslav SklanskyHead of Information Security Technology at EPAM
With MetaDefender IT Access, EPAM can perform the following device security checks:
Vulnerability Checks
Reporting devices with unpatched applications or blocked access to devices with critical vulnerabilities within operating systems or 3rd party applications.
Compliance Validation
Reporting non-compliant devices and configuring some policies with self-remediations; for example, the status of antimalware definitions—non-compliant device protection to ensure devices are compliant with existing policies.
Unwanted Applications Detection
Continuously detecting, blocking and disabling unwanted applications such as peer-to-peer applications, browser plugins, and unauthorized remote access tools. This helps EPAM stay compliant, reduce the attack surface for malware, prevent data loss, and mitigate copyright infringement risks.
Advanced Security Measures Safeguarding EPAM's Data
EPAM leverages OPSWAT MetaDefender Cloud hosted on AWS North America and AWS EMEA, a cloud-based threat detection and prevention platform powered by OPSWAT technologies for scanning of files and hash lookups on controlled devices. With Deep CDR and Multiscanning technologies in place, EPAM benefits from:
Zero-day Attack Protection
Deep CDR is used to prevent both known and unknown file-based exploits. It safeguards against zero-day attacks by treating every file as a potential threat. Malicious content is neutralized while file functionality is preserved in a sanitized format. Deep CDR recently achieved a 100% Protection and Accuracy Score from SE Labs.
Advanced Threat Detection
MetaDefender Cloud continuously scans device storage by leveraging more than 30+ anti-malware engines. This enables EPAM to ensure the highest rate of detection and protect endpoints from malware that may not be detected by on-device anti-malware software.
Peripheral Media Protection
Scanning to detect for any malware from USB drives, SD cards, and other peripheral media used by remote workers.
EPAM quickly saw the benefit of Advanced Threat Detection with MetaDefender Cloud bundled with their MetaDefender IT Access implementation. EPAM's MetaDefender IT Access instance was performing hash lookups and file scans using MetaDefender Cloud for more than 50 million files per day during peak times.
Deployment and Customer Support
Despite EPAM’s network complexity, OPSWAT was up to the task. The OPSWAT Customer Success team worked shoulder-to-shoulder with the EPAM IT Security team, ensuring that the implementation supported EPAM’s key requirements across different countries, policies, device types, and user experience.
Working with OPSWAT was a very positive experience, a true partnership. What contributed to the success was their willingness to focus on what we needed. There was very good communication and a lot of transparency during the whole process. I am confident OPSWAT will address any new requirement in a timely, professional and scalable manner.
Miroslav SklanskyHead of Information Security Technology at EPAM
To see how OPSWAT’s innovative solutions can keep your critical infrastructure secure, talk to an expert today.
