Trofi Security keeps critical humanitarian artifacts secure with Check Point CloudGuard for AWS

Executive Summary

For more than two decades, Trofi Security has been protecting large, enterprise-level companies and other organizations around the world from both physical and cyber attacks. One of its more prominent customers is the United States Holocaust Memorial Museum (USHMM) in Washington, DC. The museum is home to the world’s largest collection of physical and digital artifacts documenting the Holocaust. Since opening in 1993, over 46 million people from 132 different countries have walked through its doors. Online, the museum’s site saw more than 21.8 million visitors from more than 238 countries in 2020 alone. But all this visibility and traffic brings its own set of challenges. In fact, because the organization’s artifact collection is so large, and because it also documents and reports on current humanitarian atrocities as they happen around the world in real time, USHMM is frequently the target of cyberattacks from nefarious nation states and other bad actors. To keep its digital archives secure, Trofi Security and the museum rely on Check Point Software Technologies and Amazon Web Services (AWS). As a result, the museum has not seen any security breaches since 2012 — no small accomplishment from an organization that sees daily attacks from various nation-state actors.

A massive artifact collection, a huge attack surface, and an even bigger responsibility

Since 1999, Trofi Security has established itself as a leader in the information security industry. As proof of the company’s expertise and the level of trust it’s earned, one doesn’t need to look further than one of its more well-known customers, United States Holocaust Memorial Museum (USHMM). The museum was founded in 1993 and is dedicated to advancing and disseminating knowledge of the Holocaust. It’s also committed to preserving the memory of those who suffered by amassing a comprehensive collection of historical artifacts. In fact, in the years since it first opened, the museum has become internationally recognized for housing the world’s largest collection of both physical and digital artifacts that document the Holocaust and its atrocities.
Unfortunately, however, that recognition has brought with it an ever-increasing number of security threats, both physical and digital. That’s partly because some bad actors seek to remove and destroy the museum’s Holocaust artifacts. It’s also because one of the museum’s goals is to help educate the public about new humanitarian atrocities as they happen (like the Rohingya genocide in Burma), and doing so makes it more prone to attacks from nation states.
Because of all this, the Trofi security team realized early on they had a huge digital attack surface that needed to be aggressively protected — the responsibility for doing so was something everyone at Trofi and the museum felt was core to the organization’s mission.

“People can’t react fast enough”

Trofi first started working with Check Point in 2011 and doubled down on their commitment in 2014. Digital threats were becoming more of a vulnerability and the museum wanted to protect all its digital assets, which are housed on AWS. “We needed someone who saw our needs as a partnership, not a vendor transaction,” says Michael Trofi, founder of Trofi Security and vCISO for USHMM. “The big-name company we were working with back then wasn’t interested in that kind of relationship, but Check Point was. That was huge for us, because they understood the answer wasn’t just adding people; people can’t act fast enough to stay on top of cyberthreats. What we needed was a solution that integrates machine learning as well as AI — and that’s exactly what Check Point delivered.”
"What we needed was a solution that integrates machine learning as well as AI — and that’s exactly what Check Point delivered."

- Michael Trofi, Founder, Trofi Security and vCISO for USHMM

A three-pronged solution

The Check Point solution has evolved since it was first implemented more than a decade ago. Today it involves three of the company’s key offerings that protect the museum’s assets on AWS: CloudGuard Network Security, Cloud Security Posture Management, and CloudGuard AppSec. “Back then, we started out with some on-premise gateways, then moved everything to the AWS cloud and Check Point let us manage both with a single interface along the journey,” Trofi says. “For advanced threat prevention of the perimeter and segmentation, we chose CloudGuard Network Security. To protect the Amazon S3 buckets, and to ensure continuous compliance, we rely on Cloud Security Posture Management. And to secure the web interface, we use CloudGuard AppSec, which gets more accurate the more you run it — perfect for the threat-hunting situation we’re in where foreign threat actors typically go ‘low and slow’ to find vulnerabilities.”
USHMM is a customer of Check Point Infinity consolidated security architecture, an ELA which provides access to all of Check Point’s technologies under a single security umbrella, and offers total protection and zero trust security.

Not a single breach since 2012

Despite an ever-increasing number of attacks and a growing list of threats, USHMM hasn’t had a single breach since 2012. “The museum’s prevention rates are through the roof thanks to Check Point,” says Trofi. “That’s a huge accomplishment given the size of the attack surface the museum has. Especially since we can’t just block traffic from a certain geographic area. For example, some organizations might say ‘let’s just block all traffic from a specific country,’ but the museum can’t do that, because it serves a lot of people in that country.”

Up next: Expand disaster recovery on AWS, enable load balancing, and deploy Check Point Network Detection and Response

The partnership has been so successful, Trofi Security plans to invest more heavily in AWS and Check Point going forward. “Our next goal is to establish a more geographically diverse disaster recovery model on AWS,” says Trofi. “That will include elastic load balancing, so the museum will be able to spin websites up and down, as needed. Not only will this increase security, it will be more cost effective, because it doesn’t mean involving more people. We’ve already reduced the security team overhead by 50% and this will help even more. We’re also evaluating Check Point’s Network Detection and Response (NDR) capabilities, which use behavioral engines to discover advanced threats that may evade other cloud security solutions.”
Trofi Security

About Trofi Security

For more than 20 years, Trofi Security has maintained an unwavering level of commitment to its customers. Each receives the very best guidance and service available. Its mission is to forgo quantity of business in exchange for quality. As a result, Trofi Security has established a reputation as a leading, boutique information security company that utilizes only senior-level experts as it serves its customers.

About Check Point Software Technologies Ltd.

Check Point Software Technologies Ltd. is a provider of cybersecurity solutions to governments and corporate enterprises around the world. Its solutions protect customers from fifth-generation cyberattacks with an industry-leading catch rate of malware, ransomware, and other attacks. Check Point provides a comprehensive and intuitive one point of security management system that protects more than 100,000 organizations.

Published March 2022