Palms Casino Resort in Las Vegas, Nevada first opened in 2001, and holds 1,200 rooms and suites in a 95,000 square-foot casino. Palms operates multiple pools, a recording studio, shops, a 60,000 square-foot meeting and convention space, spa, 2,500-seat theater, and a Michelin-starred restaurant among its dining offerings.
Palms IT department manages, operates and supports a hybrid Cloud model, data centres, technical service centres, production scheduling functions, help desk, communication networks (voice and data), development, hotel, gaming, food and beverage, human resources, and finance systems.
Behind all the glitz and glamor at Palms, VP of Information Technology Eric Saint-Marc and his security team have a serious job to do—to protect the organisation against global cyberattacks. Skilled hackers are constantly attempting to steal data or extort large sums of money using advanced techniques to crack defenses and infiltrate internal systems.
The hospitality industry has been increasingly targeted over the past two years, including major hotel chains worldwide that have been victims of data breaches, primarily through point-of-sale (POS) systems.
Email, web scams, and ransomware attacks have also been problematic. In June, the FBI issued a public service announcement reporting that Business Email Compromise (BEC) schemes have caused an estimated $3.1 billion in total losses to approximately 22,000 enterprises around the world. Since January 2015, there has been a 1,300 percent increase in identified exposed losses.
“A large resort and casino like Palms experiences a much wider set of cyber dangers than most organisations,” said Saint-Marc. “We’re similar to a small city with our wide range of exposure. We have to protect hotel operations, restaurants, cafes and nightclubs, gaming machines, theater events, and convention spaces, as well as several lines of business (LOBs)— finance, sales, marketing, external and internal websites, and email.”
"We wanted something we could deploy rapidly with minimum disruption and maximum protection."
VP of Information Technology,
Palms Casino Resort
When Saint-Marc joined Palms in 2014, he recognised the need to improve the existing security posture to protect the organisation against sophisticated attacks. They were also challenged with staying current with software versions. “Our business runs 24x7, 365 days per year for which makes it difficult to update applications, servers and network software without disrupting operations,” he explained.
Why Trend Micro
Saint-Marc had been using Trend Micro™ ScanMail™ email security and Trend Micro™ Control Manager™ centralised management solution since 2004 at his previous security position. “As an Enterprise Application Architect myself, I appreciated Trend Micro’s design, build, implementation, and deployment strengths,” he said.
However, that didn’t stop him from continuing his vendor research. When he dove in and looked at Trend Micro in more detail, he was really impressed with the innovation. “Trend Micro has added new features that protect against the newer threats we see, like behavioral analysis, and had enhanced its multi-layered connected security support,” said Saint-Marc.
He found that with Trend Micro™ OfficeScan™, the entire security stack—endpoint protection, behavior analysis, zero-day vulnerability protection, firewall, power, and USB protection—is integrated and centralised under Control Manager. “We wanted something we could deploy rapidly with minimum disruption and maximum protection.” he explained.
"Trend Micro has added new features that protect against the newer threats we see."
VP of Information Technology,
Palms Casino Resort
Trend Micro’s responsive sales support has also added to the positive customer experience. “Our Trend Micro sales rep immediately helped us download and deploy a trial version of the software even before our quote was finalised,” said Saint-Marc. “To me, that demonstrates a clear understanding of customer needs and speaks volumes of their level of engagement,” he added.
Saint-Marc and his team’s first order of business was to strengthen endpoint and server security with Trend Micro™ OfficeScan™. Its advanced malware protection shields network endpoints, including POS and ATMs, from viruses, Trojans, worms, spyware, ransomware, and nasty new variants as they emerge. OfficeScan™ works in tandem with Trend Micro™ Deep Discovery™ to rapidly respond with real-time signature updates when new threats are detected. Trend MicroTM Deep Discovery™ Virtual Analyser contains a sandbox that allows on-the-fly threat analysis, providing immediate protection to users.
Next, the security team addressed endpoint and server patch management. Hackers use software security flaws as entry points to infiltrate systems. The SAMSAM crypto ransomware attack that targeted healthcare provider servers in early 2016 is just one example. Applying patches and keeping systems and servers up to date can break the attack cycle, but updates can disrupt daily operations, so protecting an enterprise while maintaining operations is a delicate balancing act, especially in Palms’ around-the-clock uptime environment.
Saint-Marc and his team implemented Trend Micro™ Vulnerability Protection, which features virtual patching to protect servers and endpoints. Virtual patching uses intrusion detection and prevention technologies to stop zero-day threats before they can act. “Trend Micro’s sophisticated vulnerability protection proved vital for our 365, 24x7 environment,” said Saint-Marc. Saint-Marc and his team then armed their Microsoft® email system with TrendMicro™ ScanMail™. It stops highly targeted email attacks and spear phishing using exploit detection, email, file, and web reputation technologies, and custom threat intelligence. The team also made security awareness a company-wide priority, working hard to make sure employees really understood the characteristics and dangers of phishing and other attacks and what steps to take to maintain vigilance.
“We know that 96 percent of security incidents come from internal sources and most are unintentional. They arise from inattention or security naiveté—loss of devices, unauthorised devices, or inadvertently responding to phishing attacks,” said Saint-Marc. “For example, just before tax season, our finance employees received a number of well-designed requests for employee W2s but were fortunately suspicious of their validity,” he said.