MyHeritage: Preserving Family History
MyHeritage is the leading destination for discovering, preserving and sharing family history. They offer an online platform and DNA kits so anyone, anywhere can collect and share their family stories. Founded in 2003, the company has grown into a global organization with 93 million users across 196 countries, 40 million family trees and 8.4 billion historical records.
MyHeritage employs 420 people who work in Israel, North America and Europe. Nearly 100 people in sales and support needed access to applications and data stored on the company’s two data centers: one in the U.S. and one in Israel.
The company was looking for a solution that would provide secure, reliable connectivity to data centers for the sales and support team while reducing IT overhead.
Key employee challenges were:
- Multiple data centers: Employees everywhere needed access to both data centers.
- Multiple VPN solutions: Employees often had to connect via VPN to one data center and then disconnect and connect to the other to get needed information.
- Slow and unreliable: Employees faced delays and frustration due to common ISP disruptions. VPNs were slow, and OS updates often caused the client to stop working properly.
The IT team had challenges of their own.
- Security vulnerabilities: Users had access to entire subnets via the VPN, rather than only the specific applications they needed.
- Help desk overhead: Issues with the VPN client, slow connectivity and internet-related issues resulted in a large volume of help desk calls.
- Management overhead: Each member of the sales or support team had at least one device with a VPN client that required installation and maintenance by the overburdened IT team.
“... the Meta solution is much simpler and more convenient for our IT team and our users.”
- Moshe Magal, IT team leader
Leveraging a cloud-native global backbone, Proofpoint Meta provides MyHeritage with the high-performance, anytime/anywhere connectivity needed to run their business. MyHeritage benefits from full auditing and visibility over all network traffic for full control over their sensitive data. With the first stages under way, Meta has laid the groundwork to scale out and up as needed. The next stage is the development teams, and, from there, the sky’s the limit.
- Data center: MetaPort, a lightweight gateway to Proofpoint Meta, replaced the Fortigate VPN and OpenVPN setup in each MyHeritage data center.
- Users: Users with managed corporate devices were onboarded with a single Meta client, which they use to access Proofpoint Meta. Users with unmanaged devices were provided with secure remote access via their browser, so there was nothing to install.
- Secure Access: From Proofpoint Meta, users can access any applications that they are authorized to use without having to know where the applications are located or having to connect/disconnect VPN clients.
“Our Sales and Support teams have seen an increase in productivity because they now connect once, and access everything they need.” - Moshe Magal
For the MyHeritage IT team, the improvements are clear.
- One flat, logical network: The Proofpoint Meta solution removed the MyHeritage team’s dependence on multiple VPNs and acts as the central fabric through which all network elements are consumed and managed.
- One way to connect: The sales and support teams have only one client and can connect to whatever they need, regardless of location. There’s no need to connect and disconnect.
- Better, faster user experience: With POPs dispersed around the globe, MyHeritage employees connect to the one closest to their location, thus reducing latency. The comprehensive network overlay optimizes routing for better performance than VPN over the internet.
- Simplified management: Meta unified the network and security policies for easier management. There is only one VPN client. Since it leverages the native capabilities of the OS, it is unaffected by updates.
- Enhanced security: The Proofpoint Meta software-defined perimeter enables MyHeritage to define access policies for resources, subnets and services accessible to each user group. If a user doesn’t have explicit access to a resource, it is invisible.