THE CLIENT
Established in 1998, Synchron has grown to become Australia’s largest non-institutionally owned financial advice company with a network of 500 advisors who service more than 200,000 clients.
The company provides a range of services including financial management and budgeting, debt strategies, superannuation, insurance, investment solutions, and managed funds.
THE CHALLENGE
As Synchron has grown in recent years, staff have become heavily reliant on the company’s IT infrastructure. Comprising centralised servers and a range of client devices, it supports everything from client communication to document management and financials.
As Synchron has grown in recent years, staff have become heavily reliant on the company’s IT infrastructure. Comprising centralised servers and a range of client devices, it supports everything from client communication to document management and financials.
THE INFRASTRUCTURE IS ACCESSED BY THE COMPANY’S TEAM OF 47 STAFF WHO ARE LOCATED THROUGHOUT THE NATION. ALL USE VPN LINKS TO LODGE CLIENT DETAILS AND CHECK ON THE STATUS OF APPLICATIONS.
Just as has been the case for many companies, the threats posed by cybercriminals have been constantly rising. These threats range from virus and trojan attacks to ransom-ware attempts that, if successful, could cause significant disruption and loss.
Don Trapnell, Director, Synchron, says the situation came to a head in early 2020 when they received a phone call from an insurance company business partner. The call had been prompted by the receipt of an unusual email message.
"The email appeared to have come from us and had an invoice for $125,000 as an attachment. The message also asked for clarification about a change that had been made to Synchron’s bank account details.”
A staff member at the insurance firm contacted Synchron to check up on the message and was quickly told it appeared to be fraudulent. Technology partner Viatek examined the email system and found the message had indeed come from a Synchron server, but had been generated by a cybercriminal.
"This prompted us to recognise that we needed to quickly improve our level of IT security.”
THE SOLUTION
Working closely with Viatek, the Synchron IT team evaluated a range of security options. The aim was to find a solution that was effective at reducing the risk of cyber attack but was also easy for staff to use on a daily basis.
After carefully assessing a shortlist of vendors, the decision was taken to deploy a multi-factor authentication system from WatchGuard. WatchGuard AuthPoint Multi-Factor Authentication and DNSWatch Go were installed to provide token-based security code access for all staff who were using Microsoft Office 365. All staff also installed the AuthPoint Authenticator on their smartphones. The deployment began in June, 2020 and was completed by July 2020.
THE RESULTS
With the WatchGuard solutions in place, Synchron was enjoying significantly enhanced levels of IT security.
"Now, when people enter the log-in credentials, they must also respond to the app on their phone. This provides another layer of security and means that, even if a cybercriminal obtains log-in names and passwords, they will still be unable to gain access to the IT infrastructure.”
Initial fears that the new software would make things too complex for some users have proven to be unfounded. All staff are finding it very intuitive and easy to use.
"It was certainly of value during the COVID-19 lockdowns as staff could work from home but also be confident they had robust security measures in place. This allowed us to continue operations with as little disruption as possible.”
Trapnell says WatchGuard is now a valuable component of the Synchron infrastructure and one that will provide protection against cyberattacks both now and in the future.
“At the end of the day, it is simple, and it just works – what more could you ask for?”
