Arteris is one of the largest highway concession companies in Brazil. It is part of a division of Abertis, a world leader in the management of toll roads and infrastructure. With over 2,100 miles of tolled roads under its administration, including both federal and state roads, the company runs over 80 toll plazas, which include more than 900 booths and automated terminals. Arteris manages 700 million vehicles every year. To support this massive operation, Arteris has over 5,500 employees, with 3,000 of them working in back-office roles, dependent on technology to do their jobs.
The whole operation is supported by a large private optical fiber network, covering its extensive territory and connecting its operation centers. There are a total of 200 addresses throughout its operating areas. This allows for maximum connectivity, with total support for the heavy data traffic flowing among its many operation centers, while also offering maximum system uptime and making it possible to run the Intelligent Transportation Systems (ITS) technology. This tool enables the company to measure traffic density with precision, grants a near-total visual coverage of its roads, and cuts down response times to accidents and traffic events to a few minutes, as required by their strict SLA with the government.
As a large company with massive operations, the organization presents a large attack surface for cybercriminals. When Luiz Ritzmann, CIO for Arteris, was assigned to run the company’s technology, one of his first steps was to assess what the most critical security demands were and which resources were dedicated to those tasks. He also took time to examine which incidents had the potential to compromise the security of user and internal structures, and evaluated the efficiency of all security tools being used.
“In a world where you create complexities that bring you benefits, you also generate downsides in managing this complexity,” stated the CIO. This has been confirmed by studies carried out by his security specialists; the company has been attacked, on average, 80,000 times every month. Nearly 60 percent of this total focused on the data center in the city of Araras, in the state of São Paulo, where the servers for the institutional website, SAP appliances, internal services, and other critical systems are located. In addition to the external attacks, the company's large workforce results in the use of over 2,000 endpoints every day, presenting the added danger of phishing and business email compromise (BEC) scams.
Another important issue was related to Microsoft® Office 365®. Due to its cloud nature, the platform generates traffic that is outside the defenses of the company. That is why Arteris needed a security solution that would prevent Office 365 from being exploited as an entry point from which a threat could then move towards more critical parts of the system.
After carefully analyzing all available solutions, Ritzmann realized Trend Micro was already his primary supplier for defense technology and made sure it stayed that way. He concluded that all Trend Micro products in use were effective and reliably protected all critical environments of his company. He highlighted three main areas:
- Endpoints: The massive data flow, inbound and outbound, generates opportunities for malware and viruses to gain access to the system. It is also a major target for phishing and social engineering attacks. In this area, the security tools block the access of malicious agents.
- Servers: These highly critical environments contain enormous quantities of sensitive data, and are extremely valuable to hackers. Trend Micro™ Deep Security™ offers proactive, complete protection for physical, virtual, and cloud servers. This product allows for the quick identification of suspicious activities and precise intervention, in the case of unauthorized activities.
- Traffic: In addition to protecting stationary data, Arteris relies on Trend Micro™ Deep Discovery™ to analyze traffic in real time, identifying suspicious packages and using sandboxing to analyze and respond adequately to dangerous elements.
“Trend Micro solutions tackle the problem head-on, allowing us to identify the threat right away and stop it from spreading throughout the network”, states Ritzmann. These products are designed for maximum effectiveness for standalone and combined solutions, offering a solid, active defense for all of Arteris’s environment.
Ritzmann opted to keep Trend Micro as his main cybersecurity supplier as he was able to clearly see the results it was generating. According to his security team, even with the substantial number of attacks, no significant breaches ever happened over the last year. “The perfect blend of endpoint and server protection, with surveillance and quick action over data traffic guarantees a significant risk reduction,” explained Ritzmann. Even in cases where phishing scams successfully landed a malicious agent in one of the company’s endpoints, the infection couldn’t get past that first computer—evidence of the reliability of Trend Micro’s connected solutions.
This partnership should keep growing strong as new projects for a private cloud take shape and Arteris shifts from an on-premises to a cloud model. Greater operational efficiency is expected for the company, as it will have even more consistent data analysis, more network resources, and a proven, solid security system to guarantee sustainable growth for years to come.