Trofi Security keeps critical humanitarian artifacts secure with Check Point CloudGuard for AWS

For more than two decades, Trofi Security has been protecting large, enterprise-level companies and other organizations around the world from both physical and cyber attacks. One of its more prominent customers is the United States Holocaust Memorial Museum (USHMM) in Washington, DC. The museum is home to the world’s largest collection of physical and digital artifacts documenting the Holocaust. Since opening in 1993, over 46 million people from 132 different countries have walked through its doors. Online, the museum’s site saw more than 21.8 million visitors from more than 238 countries in 2020 alone. But all this visibility and traffic brings its own set of challenges. In fact, because the organization’s artifact collection is so large, and because it also documents and reports on current humanitarian atrocities as they happen around the world in real time, USHMM is frequently the target of cyberattacks from nefarious nation states and other bad actors. To keep its digital archives secure, Trofi Security and the museum rely on Check Point Software Technologies and Amazon Web Services (AWS). As a result, the museum has not seen any security breaches since 2012 — no small accomplishment from an organization that sees daily attacks from various nation-state actors.

Since 1999, Trofi Security has established itself as a leader in the information security industry. As proof of the company’s expertise and the level of trust it’s earned, one doesn’t need to look further than one of its more well-known customers, United States Holocaust Memorial Museum (USHMM). The museum was founded in 1993 and is dedicated to advancing and disseminating knowledge of the Holocaust. It’s also committed to preserving the memory of those who suffered by amassing a comprehensive collection of historical artifacts. In fact, in the years since it first opened, the museum has become internationally recognized for housing the world’s largest collection of both physical and digital artifacts that document the Holocaust and its atrocities.

 

Unfortunately, however, that recognition has brought with it an ever-increasing number of security threats, both physical and digital. That’s partly because some bad actors seek to remove and destroy the museum’s Holocaust artifacts. It’s also because one of the museum’s goals is to help educate the public about new humanitarian atrocities as they happen (like the Rohingya genocide in Burma), and doing so makes it more prone to attacks from nation states.

 

Because of all this, the Trofi security team realized early on they had a huge digital attack surface that needed to be aggressively protected — the responsibility for doing so was something everyone at Trofi and the museum felt was core to the organization’s mission.

Trofi first started working with Check Point in 2011 and doubled down on their commitment in 2014. Digital threats were becoming more of a vulnerability and the museum wanted to protect all its digital assets, which are housed on AWS. “We needed someone who saw our needs as a partnership, not a vendor transaction,” says Michael Trofi, founder of Trofi Security and vCISO for USHMM. “The big-name company we were working with back then wasn’t interested in that kind of relationship, but Check Point was. That was huge for us, because they understood the answer wasn’t just adding people; people can’t act fast enough to stay on top of cyberthreats. What we needed was a solution that integrates machine learning as well as AI — and that’s exactly what Check Point delivered.”

The Check Point solution has evolved since it was first implemented more than a decade ago. Today it involves three of the company’s key offerings that protect the museum’s assets on AWS: CloudGuard Network Security, Cloud Security Posture Management, and CloudGuard AppSec. “Back then, we started out with some on-premise gateways, then moved everything to the AWS cloud and Check Point let us manage both with a single interface along the journey,” Trofi says. “For advanced threat prevention of the perimeter and segmentation, we chose CloudGuard Network Security. To protect the Amazon S3 buckets, and to ensure continuous compliance, we rely on Cloud Security Posture Management. And to secure the web interface, we use CloudGuard AppSec, which gets more accurate the more you run it — perfect for the threat-hunting situation we’re in where foreign threat actors typically go ‘low and slow’ to find vulnerabilities.”

 

USHMM is a customer of Check Point Infinity consolidated security architecture, an ELA which provides access to all of Check Point’s technologies under a single security umbrella, and offers total protection and zero trust security.

Despite an ever-increasing number of attacks and a growing list of threats, USHMM hasn’t had a single breach since 2012. “The museum’s prevention rates are through the roof thanks to Check Point,” says Trofi. “That’s a huge accomplishment given the size of the attack surface the museum has. Especially since we can’t just block traffic from a certain geographic area. For example, some organizations might say ‘let’s just block all traffic from a specific country,’ but the museum can’t do that, because it serves a lot of people in that country.”

The partnership has been so successful, Trofi Security plans to invest more heavily in AWS and Check Point going forward. “Our next goal is to establish a more geographically diverse disaster recovery model on AWS,” says Trofi. “That will include elastic load balancing, so the museum will be able to spin websites up and down, as needed. Not only will this increase security, it will be more cost effective, because it doesn’t mean involving more people. We’ve already reduced the security team overhead by 50% and this will help even more. We’re also evaluating Check Point’s Network Detection and Response (NDR) capabilities, which use behavioral engines to discover advanced threats that may evade other cloud security solutions.”