Palms Casino Resort

Relies on Trend Micro to stay ahead of advanced threats

Overview

Palms Casino Resort in Las Vegas, Nevada first opened in 2001, and holds 1,200 rooms and suites in a 95,000 square-foot casino. Palms operates multiple pools, a recording studio, shops, a 60,000 square-foot meeting and convention space, spa, 2,500-seat theater, and a Michelin-starred restaurant among its dining offerings.

Palms IT department manages, operates and supports a hybrid Cloud model, data centers, technical service centers, production scheduling functions, help desk, communication networks (voice and data), development, hotel, gaming, food and beverage, human resources, and finance systems.

Challenges

Behind all the glitz and glamor at Palms, VP of Information Technology Eric Saint-Marc and his security team have a serious job to do—to protect the organization against global cyberattacks. Skilled hackers are constantly attempting to steal data or extort large sums of money using advanced techniques to crack defenses and infiltrate internal systems.

The hospitality industry has been increasingly targeted over the past two years, including major hotel chains worldwide that have been victims of data breaches, primarily through point-of-sale (POS) systems.

Email, web scams, and ransomware attacks have also been problematic. In June, the FBI issued a public service announcement reporting that Business Email Compromise (BEC) schemes have caused an estimated $3.1 billion in total losses to approximately 22,000 enterprises around the world. Since January 2015, there has been a 1,300 percent increase in identified exposed losses.

“A large resort and casino like Palms experiences a much wider set of cyber dangers than most organizations,” said Saint-Marc. “We’re similar to a small city with our wide range of exposure. We have to protect hotel operations, restaurants, cafes and nightclubs, gaming machines, theater events, and convention spaces, as well as several lines of business (LOBs)— finance, sales, marketing, external and internal websites, and email.”

"We wanted something we could deploy rapidly with minimum disruption and maximum protection."

Eric Saint-Marc,
VP of Information Technology,
Palms Casino Resort

When Saint-Marc joined Palms in 2014, he recognized the need to improve the existing security posture to protect the organization against sophisticated attacks. They were also challenged with staying current with software versions. “Our business runs 24x7, 365 days per year for which makes it difficult to update applications, servers and network software without disrupting operations,” he explained.

Why Trend Micro

Saint-Marc had been using Trend Micro™ ScanMail™ email security and Trend Micro™ Control Manager™ centralized management solution since 2004 at his previous security position. “As an Enterprise Application Architect myself, I appreciated Trend Micro’s design, build, implementation, and deployment strengths,” he said.

However, that didn’t stop him from continuing his vendor research. When he dove in and looked at Trend Micro in more detail, he was really impressed with the innovation. “Trend Micro has added new features that protect against the newer threats we see, like behavioral analysis, and had enhanced its multi-layered connected security support,” said Saint-Marc.

He found that with Trend Micro™ OfficeScan™, the entire security stack—endpoint protection, behavior analysis, zero-day vulnerability protection, firewall, power, and USB protection—is integrated and centralized under Control Manager. “We wanted something we could deploy rapidly with minimum disruption and maximum protection.” he explained.

"Trend Micro has added new features that protect against the newer threats we see."

Eric Saint-Marc,
VP of Information Technology,
Palms Casino Resort

Trend Micro’s responsive sales support has also added to the positive customer experience. “Our Trend Micro sales rep immediately helped us download and deploy a trial version of the software even before our quote was finalized,” said Saint-Marc. “To me, that demonstrates a clear understanding of customer needs and speaks volumes of their level of engagement,” he added.

Solution

Saint-Marc and his team’s first order of business was to strengthen endpoint and server security with Trend Micro™ OfficeScan™. Its advanced malware protection shields network endpoints, including POS and ATMs, from viruses, Trojans, worms, spyware, ransomware, and nasty new variants as they emerge. OfficeScan™ works in tandem with Trend Micro™ Deep Discovery™ to rapidly respond with real-time signature updates when new threats are detected. Trend MicroTM Deep Discovery™ Virtual Analyzer contains a sandbox that allows on-the-fly threat analysis, providing immediate protection to users.

Next, the security team addressed endpoint and server patch management. Hackers use software security flaws as entry points to infiltrate systems. The SAMSAM crypto ransomware attack that targeted healthcare provider servers in early 2016 is just one example. Applying patches and keeping systems and servers up to date can break the attack cycle, but updates can disrupt daily operations, so protecting an enterprise while maintaining operations is a delicate balancing act, especially in Palms’ around-the-clock uptime environment.

Saint-Marc and his team implemented Trend Micro™ Vulnerability Protection, which features virtual patching to protect servers and endpoints. Virtual patching uses intrusion detection and prevention technologies to stop zero-day threats before they can act. “Trend Micro’s sophisticated vulnerability protection proved vital for our 365, 24x7 environment,” said Saint-Marc. Saint-Marc and his team then armed their Microsoft® email system with TrendMicro™ ScanMail™. It stops highly targeted email attacks and spear phishing using exploit detection, email, file, and web reputation technologies, and custom threat intelligence. The team also made security awareness a company-wide priority, working hard to make sure employees really understood the characteristics and dangers of phishing and other attacks and what steps to take to maintain vigilance.

“We know that 96 percent of security incidents come from internal sources and most are unintentional. They arise from inattention or security naiveté—loss of devices, unauthorized devices, or inadvertently responding to phishing attacks,” said Saint-Marc. “For example, just before tax season, our finance employees received a number of well-designed requests for employee W2s but were fortunately suspicious of their validity,” he said.

Results

Trend Micro has made a significant impact on cyber security at Palms. “In the 18 months since we implemented Trend Micro, we reduced the number of infections 60 percent year over year,” said Saint-Marc.

With Trend Micro ™ OfficeScan™ ATM and POS fraud protection, Palms has also been able to achieve its goal of complete PCI compliance, a mark of good business stewardship that credit card customers appreciate.

In addition, the team has also gained IT efficiencies with pinpoint policy definitions and management through Trend Micro™ Control Manager™. “The ability to implement security policies specified by LOB, group, device, or individual means we don’t have to create them ourselves, which saves us hours of time,” Saint-Marc said. “Additionally, all members of our security team are expected to know how to run all our tools, and Trend Micro really makes our jobs easier with its integrated, consistent user interface,” he added.

Other business benefits are intangible, but equally valuable. “I can go home and sleep at night because I know that Trend Micro is working on our behalf. That is something you cannot quantify, but it’s priceless,” said Saint-Marc.

What's Next

“Our next security projects are to expand on data loss prevention (DLP) and data classification,” said Saint-Marc. Trend Micro™ OfficeScan™ DLP can stop accidental or malicious data leaks by identifying, tracking, and securing data wherever it moves through the network and cloud. As part of an integrated threat defense strategy, data classification goes hand in hand with DLP, identifying what is considered public, internal, confidential, or sensitive so that the appropriate level of safeguards can be applied.

Meanwhile, his advice to colleagues on the lookout for a top-notch security solution? “For the best possible feature set for the best possible price, Trend Micro cannot be beat,” he said.