contact us |
Sales Support
phone number 1.800.481.5880
Client Portal

Grassroots Campaigns (GCI) is an independent organization that does strategic consulting, fundraising, and field organizing for good causes and candidates. They specialize in building and running face-to-face outreach operations in neighborhoods and in high-traffic public venues to build support for groups, issues, and campaigns.

A strong security policy informs employees of what’s expected of them, and sets the tone for how the whole company handles the sensitive cardholder information it handles. As a result, one of the goals of GCI is to ensure that all employees are aware of the sensitivity of the data they handle and their responsibilities for protecting it. The purpose of this policy is to provide instructions on measures that must be taken by GCI employees to achieve a secure cardholder data environment, including the definition of company standards, procedures, and restrictions that apply to handling cardholder information.

GCI maintains two general use policies: the first is limited to employees who acquire cardholder data and handle it in hard-copy format only (Section A, “Policies for Field Office Employees”); the second expands in scope to cover policies applicable only to employees who convert and handle cardholder data in electronic format, and to employees who administer systems used in that process (Section B, “Policies for Administrative and Cashiering employees”). This policy also covers all systems and computers that are connected to GCI’s dedicated, 100% segmented Cardholder Data Environment network (hereafter “CDE network”). Currently only one computer comes into contact with cardholder information and is therefore part of the “cardholder data environment;” however, future revisions of this policy should take the following into account: 1. any changes in scope, including the application of this policy to additional computers connected to the internet via GCI’s CDE network connection (the definition of computers may include desktop workstations, laptop computers, handheld computing devices, and servers) 2. any expansion of the CDE network to include wireless connections, additional modem connections, or virtual private network connections

1. First, our team of Engineers have stripped down (aka "harden") a brand new Dell laptop (Latitude E5510). The goal was to get rid of everything except for what it takes to run a web browser via an Ethernet cable, i.e. deleting unnecessary functionality (user accounts, protocols, scripts, drivers, features, subsystems, file systems, and unused web servers - would want to include wireless capabilities and the USB port in this disabling). Additionally, we've changed all manufacturer-provided settings/passwords, and set access / user controls so that passwords are sufficiently complex and changed every 90 days; log-out occur after 15 minutes of inactivity; and lock-outs occur after 5 incorrect attempts to log-in 2. We’ve physically installed and configured the "security device" and the security software package it comes with (CheckPoint Edge X series, with "Total Security" and SmartEvent web-based system management). It is basically a router and hard-ware firewall rolled into one. This includes the same as above regarding system hardening and changing default settings, plus the following configurations: - All wireless capabilities were disabled or removed - Firewall was set up in a way that allows outgoing traffic to access only three specific websites, and does not allow incoming traffic. Enable stateful packet inspection, IP masking, intrusion detection and prevention systems (IDPS), and file integrity monitoring (FIM). We have set device to generate audit logs and export the info to the EventSmart online data base daily. - Virus-protection is scheduled to perform virus checks at daily intervals, and auto-update it's virus definition files. We have also set to generate audit logs and export the info to the EventSmart online data base daily.


ABOUT Berkshire Property Advisors, L.L.C.(BPA), is the operating entity of The Berkshire Group that is responsible for the property management of its multifamily portfolio and a series of funds including the Berkshire Income Realty Fund, a $600 million Real Estate Investment trust and Berkshire Multifamily Value Funds I and II. Berkshire Multifamily Value Fund I is a $300 million dollar real estate fund and Berkshire Multifamily Fund II is a $600 million Fund positioned to provide value-added investment returns by rehabilitating, redeveloping and repositioning high-quality multifamily real estate in major markets and submarkets throughout the United States.

CHALLENGE As any other enterprise class organization, BPA depend upon SonicWALL firewall devices to secure their network communications. It has been determined that their existing device needed to be changed and reconfigured. Additionally, BRA was looking to deploy more users to their existing infrastructure.

SOLUTION First, our team have installed and configured new SonicWALL device. After firewall has been configured, we had to make sure that all the computers were still able to access the internet. Then, we’ve replaced a 12- to 24-port CISCO switch in order to add more users into the infrastructure. The Operating System on 2 computers had to be reinstalled. BPA uses Landesk software, so it had to be installed and reconfigured. And lastly, all the system has been tested for proper functionality.

Untitled Document
  Request a quote
     or Call at 1-800- 481-5880