A small agency with a big mission, the Kansas Development Finance Authority (KDFA) promotes economic development and prosperity for the state of Kansas by providing efficient access to capital markets through various tax-exempt and taxable debt obligations. KDFA works with public and private entities to identify financial options to fund capital projects for public and private entities.
As a small organization playing an outsized role in the economy of its state, KDFA depends on IT to maximize its productivity.
“We run enterprise-ready systems around the clock, enabling our staff to be as nimble and efficient as possible,” says Jeff Kater, KDFA’s director of IT.
When the agency recently suffered six ransomware infections within a six-to-eight month period, the deficiencies of the security solutions it had relied on became all too apparent. Part of the problem: leveraging antivirus technologies that identified exploits by definition, not technique—so that even minor variations could slip through undetected. With each incident leading to days of disruption and cleanup work, a better approach to malware and ransomware was essential.
So they turned to Citrix to implement a cyberdefense strategy built into the deepest level of their virtual desktop infrastructure (VDI), eliminating the possibility of future malware and ransomware breaches.
Enable multilayered protection from the server to the desktop
To combat these breaches, KDFA implemented Hypervisor Introspection (HVI) on Citrix XenServer, which hosts their virtual apps and desktops from XenApp and XenDesktop, as well as their entire IT infrastructure.
While there are millions of variations of malware, hackers only have a limited set of attack techniques to gain remote access to a victim’s system. XenServer is the only hypervisor that uses Bitdefender Hypervisor Introspection (HVI) to proactively detect these attack techniques, protecting against zero-day attacks, and even preventing unknown exploits.
The agency uses Citrix XenApp and XenDesktop to publish virtualized, sandboxed, and hardened browsers to insulate business data and corporate networks from web-based malware.
In addition to accelerating application performance, Citrix NetScaler VPX provides consolidated, SSL VPN-based remote access and improves application security with centralized policy management.
The agency also centralizes data with Citrix ShareFile, a secure and robust enterprise data sync and sharing service, to keep data out of reach of ransomware, facilitate backups, and maintain clean versions of every file for rapid restoration without the need to pay ransom. By maximizing the capabilities of a comprehensive Citrix digital workspace solution, the agency was able to modernize their entire security strategy.
Eliminate breaches by all types of malware—known and unknown
An agentless solution, XenServer provides a set of APIs that allow for inspection of guest memory outside of the guest.
“XenServer has eliminated security blind spots,” Kater says. “We are now able to protect from beneath the kernel and user spaces, stopping malware exploits via attack patterns and techniques in a secure layer where they cannot reach. The once-thought-impossible agentless solution is now a reality,”
Combined with the security benefits of the Citrix Workspace - XenApp and XenDesktop, NetScaler, and ShareFile - the solution has brought KDFA to new levels of security; since implementation, the agency has not experienced a single breach.
Enable any-device productivity with full security
“Our XenApp and XenDesktop VDI infrastructure running on XenServer helps KDFA become highly nimble, efficient, adaptive and productive by allowing for secure computing anytime, anywhere, on any device,” says Kater.
Agency staff can use any device they choose, from laptops, thin clients and zero clients to tablets and smartphones, using a single, consistent portal to access their apps and desktops. Server-side access secure policies provide an extra level of protection while allowing people to become productive from anywhere.
Simplify IT and reduce its costs
Citrix Workspaces helps Kater’s one-person IT shop manage KDFA’s enterprise-grade infrastructure simply and cost-effectively. The light footprint of XenServer minimizes hardware requirements. Centralized management simplifies routine updates, while open-source development provides a constant stream of innovations and enhancements.
Instead of performing individual updates on each employee’s device, Kater can simply update XenApp and XenDesktop master images with the latest Windows updates and security patches.
Because NetScaler is software-defied, it help the agency reduce hardware server costs, consolidate their remote access infrastructure, and provides one-URL access to virtual resources for a simple, efficient experience for users and Kater alike.
In the year since implementing HVI, KDFA did not experience a single security breach. Even the global WannaCry outbreak failed to break through. With Citrix, KDFA has solved its ransomware problem while creating a more secure environment to protect against emerging threats moving forward.
“Innovation drives the future. Citrix is leading the charge in security innovation with their revolutionary approach to protecting mission critical data,” says Kater.