Case study: Save the Children

Regaining control of an extensive IT estate

Save the Children is a popular target for cyber threats. The organisation needed a centralized security solution to align with its IT strategy.

Customer

Save the Children

Products and services

F-Secure Elements Endpoint Protection
F-Secure Elements Endpoint Detection and Response

Industry

Not for profit

Country

UK, Global

Save the Children is one of the most prominent international NGOs in the world, dedicated to improving and protecting the lives of children around the globe. Founded in the UK in 1919, it has grown to become an international movement consisting of 29 member organisations, working across 120 countries. The organisation supports children both through direct action from its staff and volunteers and through influencing policy changes. It has helped to supply some of the most impoverished children in the world with access to shelter, food, safe drinking water, healthcare and education.

 

Key statistics:  

  • 24,000 staff across 120 countries
  • IT infrastructure spread across over 300 sites
  • More than 17000 endpoints
  • 250 IT staff

The cyber risk for NGOs

As a well-known global NGO, Save the Children faces a high level of cyber threat. Charity organisations are a popular target for cyber criminals and are particularly vulnerable to disruptive attacks such as ransomware due to the critical nature of their work. More than a quarter of UK charities have reported being the victims of cyber attacks over the last year and there have been several prominent incidents involving large global organisations.

Accordingly, cyber security is a high priority for Save the Children. The organisation safeguards sensitive information relating to vulnerable children, as well as the personal and financial details of its staff, volunteers, and donors.

Mark Hawkins, Global Humanitarian Technologies Manager at Save the Children, comments: “We’re actually more at risk than most commercial organisations. Not only do we have a huge amount of data that is attractive to cyber criminals, but our status also means we’re a potential target for politically motivated attacks by state actors. Ransomware and data theft are the chief security concerns.”

He continues: “We also need to manage and secure a huge IT estate across the world in widely differing environments. Some locations have little infrastructure, so we need a reliable, flexible approach to security.”

"We’re a potential target for politically motivated attacks by state actors. Ransomware and data theft are the chief security concerns."

-Mark Hawkins, Global Humanitarian Technologies Manager

Searching for a reliable, flexible solution

As part of its commitment to security, Save the Children reviews its provisions every five years. Having implemented a strict procurement process, the organisation always puts out a tender when renewing or replacing solutions and services.

Endpoint Protection (EPP) and Endpoint Detection and Response (EDR) are particularly important for providing a baseline of security across Save the Children’s large, diffuse IT estate. In line with wider efforts to establish a more centralised approach to IT and security management, the organisation needed a solution with a high level of functionality that could administer a large number of endpoints from a single point. 

Mark says: “The biggest question was: will it get the job done and reduce the threat against our organisation? We really needed something that would do what it says on the tin. The price point was also vital for us as budgeting is always a priority when it comes to public funds and donations.”

"The biggest question was: will it get the job done and reduce the threat against our organisation?"

-Mark Hawkins, Global Humanitarian Technologies Manager

Its position as an NGO also means that ethical concerns play a greater role than they do for most private sector companies.

Mark adds: “As an NGO, it’s particularly important for us to do due diligence on any company we work with. A lot of our funding comes from public organisations and governments, so we need to avoid suppliers that have known or rumoured connections to state bad actors. This was a prominent factor in our decision to move towards a new endpoint security provider.”

During the tender process, Save the Children was introduced to F-Secure via its long-term channel partner Flow Communications. Flow has been a trusted provider for Save the Children for several years, working closely with the organisation on a number of IT and security services and solutions.

Mark comments: “Flow is an excellent partner and very good at recognising and reacting to our needs. We have a strong relationship with them, so we knew we could trust their judgement when they recommended F-Secure as a supplier for our EPP and EDR demands.”

F-Secure stood out from the competition as a well-established provider with a strong track record going back over 30 years. Its reputation as a highly ethical independent company was also an important factor.

Crucially, F-Secure also met Save the Children’s need for a tightly balanced budget.

“On the financial side of things, we always need the best value for money without compromising quality,” adds Mark. “When we get to the point of reviewing products there is a huge amount of competition in this space, so F-Secure’s ability to offer the same functionality at a better price point was a big win.”

As a result of these factors, Save the Children opted to take on both F-Secure Elements Endpoint Protection and F-Secure Elements Endpoint Detection and Response to help protect its IT infrastructure

"On the financial side of things, we always need the best value for money without compromising quality."

-Mark Hawkins, Global Humanitarian Technologies Manager

As a result of these factors, Save the Children opted to take on both F-Secure Elements Endpoint Protection and F-Secure Elements Endpoint Detection and Response to help protect its IT infrastructure.

Securing global IT estate

Once Save the Children selected F-Secure, it began rolling out the solutions to its global IT estate in waves. The UK offices were completed first, accounting for around 300 fulltime staff. F-Secure Elements Endpoint Protection and F-Secure Elements Endpoint Detection and Response were then rolled out across the world to every endpoint in the organisation’s estate.

Mark comments: “The roll out went very smoothly and we needed little by way of support, even accounting for the areas where internet connectivity is unreliable. The fact that the F-Secure agent sits on the endpoint itself is very useful for these areas.”

He continues; “Once the implementation was complete, we immediately saw the benefits of F-Secure’s accessibility. It’s now very easy for us to get real-time reports of performance and threat data from any of our locations.”

"Once the implementation was complete, we immediately saw the benefits of F-Secure’s accessibility. It’s now very easy for us to get real-time reports of performance and threat data from any of our locations."

-Mark Hawkins, Global Humanitarian Technologies Manager

Alongside the ease of implementation, Save the Children was also impressed with F-Secure’s flexibility when it came to uninstalling the solutions.

“This was important for us as it’s been an issue in the past,” Mark comments. “Some anti-virus can be so persistent it’s like a form of malware itself.”

F-Secure has delivered strong results in protecting Save the Children’s endpoints from cyber threats. More than 100,000 attempted malware infections are identified and resolved across Save the Children’s global infrastructure in an average month. In particular, the solutions continually block thousands of attempts by worms designed to hide in the system and download further malicious software. F-Secure also manage around 8,000 software updates every month, with over 2,000 of those relating to critical security.

Looking to the future, the organisation is considering expanding its relationship with F-Secure to include content filtering, another important requirement for the group.

“We need to ensure that none of our machines are used to access inappropriate content or anything that can expose our network to threats,” explains Mark. “Bringing content filtering under the F-Secure umbrella along with EPP and EDR will help us to improve visibility and meet our goal of managing everything centrally.”

"We need to ensure that none of our machines are used to access inappropriate content or anything that can expose our network to threats."

-Mark Hawkins, Global Humanitarian Technologies Manager

Additional Statistics:

  • >100,000 malware threats identified monthly
  • ~ 8,000 software updates monthly
  • >2,000 critical security updates monthly

Protect your security space and ensure business continuity with F-Secure Elements Endpoint Protection