Edit Product Image/Text here

Reduces malware attacks with help from Trend Micro

Overview

In addition to the construction of Enterprise Resource Planning (ERP) packages, production control systems, and Business Intelligence systems, Lotus Business Consulting provides a diverse array of services, including maintenance support and help desks on a global scale. The company’s strategic partnership with SAP provides wide-range measures for everything from system construction to deployment, operational testing, and maintenance support. It has expanded its business in recent years to also offer cloud services.

Lotus Business Consulting uses IBM SoftLayer® as a service platform to transform SAP Business One into software as a service (SaaS), and began offering Cloud One for SAP Business One. The cloud-based solution allows customers to use SAP Business One as a service without owning any pre-existing infrastructure. As a result, the solution has gained a great deal of attention as the ultimate service for small-to-medium-sized enterprises with limited budgets and workforces, as well as for the overseas offices of global companies.

Challenges

Cloud One for SAP Business One supports the core work of Lotus Business Consulting’s customers, making security a top priority. To secure the applications of these clients, Lotus had been responding to a growing number of targeted attacks, and it faced operational challenges with vulnerability issues.

Although security patches were distributed, Lotus had to exercise caution when applying these patches. “First, we applied patches in a local test environment. Once we verified whether the application was operating correctly, we applied the patches in the actual environment,” said Yoshiki Oshima, Executive Officer at Lotus Business Consulting. “Because this process is carried out manually, it takes a minimum of three days until the patch is applied.”

This manual application of security patches presented significant security challenges for the company. For example, if an attack targeted the vulnerability during the three-day patching period, it could inflict major damage to their system. ”We sometimes worked on our days off or during the night in order to apply the patches as soon as possible,” said Masayo Akaishi, an Associate at Lotus.

"Security is essential for Cloud One for SAP Business One, which supports core operations. Thanks to Deep Security’s comprehensive protection, we can recommend the solution with confidence."

Masao Shimokoriyama,
CEO  

Why Trend Micro

To solve the vulnerability patching issue, Lotus Business Consulting deployed Trend Micro™ Deep Security™. Deep Security™ is a comprehensive all-in-one server security solution providing an array of functions, including malware countermeasures, intrusion detection and prevention (IDS/ IPS), web reputation, host-type firewall, system change monitoring, and security log monitoring. “If you deploy individual solutions against diversified and sophisticated threats, it’s easy to overlook some measures, and it increases the operating burden,” said Masao Shimokoriyama, CEO at Lotus Business Consulting. “In contrast, Deep Security can deal with a diversity of risks in an integrated manner.”

Deep Security™ ensures the safety of the company’s service platform against vulnerabilities while minimizing its operational burden. “We learned about Deep Security’s ease-of-use through a hands-on seminar. What’s more, because Trend Micro is an IBM Premier Business Partner, Deep Security offers a high degree of compatibility with IBM SoftLayer, which is our service platform,” said Akaishi.

"Deep Security runs on Hypervisor, so it can easily support additional instances, and is compatible with IBM SoftLayer."

Yoshiki Oshima Executive Officer,
SAP Certified Solution Consultant (SBO) Lotus Business Consulting

Solution

Lotus Business Consulting used the virtual patch function of Trend Micro™ Deep Security™ to block attacks by creating an environment in which security patches are applied virtually. Because attacks are blocked at the network level, there is no need for system-side fixes, and there is minimal impact on running applications.

Deep Security™ also protects the company’s system with virtual patches during the security patch testing period. “The testing period for security patches was a kind of ‘vacant period’ where vulnerabilities could not be protected. With Deep Security, we have minimized our exposure to risk,” said Oshima.

"Deep Security provides virtual patches that not only improve security by protecting system vulnerabilities, they also effectively reduce our operating burden."

Masayo Akaishi Associate,
Consulting Services 3rd Department Lotus Business Consulting

Results

The use of Trend Micro™ Deep Security™ has greatly improved the security level of Cloud One for SAP Business One. Deep Security™ has also decreased the operational burden on the company’s security staff. “In the past, when emergency patches were released, we had to perform the work required for their application, whether this was on a day off or in the middle of the night. However, we now feel a sense of security due to the protection provided by the virtual patches, so we are able to take our time when applying them,” explains Akaishi.

There were other benefits as well. For example, Deep Security™ automatically protects the instances that have been added using the Auto Scaling of IBM SoftLayer® to strengthen security without inhibiting the scalability unique to cloud services. “Because Deep Security runs on a VMware Hypervisor, even in a multi-tenant environment, it is possible to provide comprehensive security measures for all instances. The setup also flexibly supports adding tenants while maintaining a homogeneous security level,” said Oshima.

What's next

The use of Trend Micro™ Deep Security™ has greatly improved the security level of Cloud One for SAP Business One. Deep Security™ has also decreased the operational burden on the company’s security staff. “In the past, when emergency patches were released, we had to perform the work required for their application, whether this was on a day off or in the middle of the night. However, we now feel a sense of security due to the protection provided by the virtual patches, so we are able to take our time when applying them,” explains Akaishi.

There were other benefits as well. For example, Deep Security™ automatically protects the instances that have been added using the Auto Scaling of IBM SoftLayer® to strengthen security without inhibiting the scalability unique to cloud services. “Because Deep Security runs on a VMware Hypervisor, even in a multi-tenant environment, it is possible to provide comprehensive security measures for all instances. The setup also flexibly supports adding tenants while maintaining a homogeneous security level,” said Oshima.