Essilor International

Keeps a sharp eye on security

Overview

A pioneer in the development and production of ophthalmic lenses, Essilor International is a global leader in the design, manufacturing, and distribution of ophthalmic lenses, frames, and sunglasses. The company has enjoyed rapid growth through mergers and acquisitions (M&As). With the acquisition of the Italian eyewear company Luxottica in 2018, the company now employs more than 150,000 people globally. A leading provider of vision care and eyewear, the company is dedicated to improving lives by improving sight.

Essilor International’s IT environment exists worldwide in four geographical zones, each with on-premises and co-location data centers. Most recently, Essilor has established a roadmap to the cloud with 20 percent of its IT environment currently in the cloud and a goal of reaching 50 percent in 2022.

Challenges

In 2010, Essilor of America, a subsidiary of Essilor International, led the company into the private cloud by virtualizing its data center footprints. The company soon found that its traditional security solution needed to be modernized and meet compliance requirements, specifically the Health Information Portability and Accountability Act (HIPAA) and Payment Card Industry (PCI) requirements. “We realized that our security wasn’t keeping up with our data center transformation,” said Tanweer Surve, who served as Director of Enterprise Architecture and Cloud Technologies at Essilor of America.

In 2016, Essilor of America moved to a hybrid cloud environment with Amazon Web Services (AWS), simplifying the complex onboarding process during M&As. Surve is now with Essilor International where he is Senior Director of Enterprise Architecture, Cloud Technologies, and Security (CTO Office). In this role, Surve is working to accelerate the move to cloud globally. With the company’s rapid growth, the challenge is not just to make a seamless transition to cloud and streamline processes, but to do it safely and securely, complying with regulations worldwide while protecting the company and its customers.

"We needed cloud security that included consolidated billing, a bring-your-ownlicense model, single-pane management capabilities, robust reporting, ease of deployment and use—and only Workload Security checked all the boxes."

Tanweer Surve
Senior Director, Enterprise Architecture,
Cloud Technologies, and Security,
Essilor International

Why Trend Micro

Back in 2013, Essilor needed a new security solution that could protect both its physical and virtual environments. After a three-month proof of concept, the company selected Trend Micro Deep Security. “We wanted a solution that provided seamless integration with VMware vCenter® management software and true agentless deployment. Deep Security for VMware was the only solution that really worked,” said Surve.

When Essilor moved to AWS in 2016, Trend Micro Cloud One - Workload Security was the obvious choice for protecting its cloud environments. “We needed cloud security that included consolidated billing, a bring-your-own-license model, single-pane management capabilities, robust reporting, ease of deployment and use—and only Workload Security checked all the boxes,” said Surve.

Solution

When Essilor of America first chose Deep Security to protect its physical and virtual data centers, the company’s security management got a big boost. For example, the solution’s integrity monitoring tracks system changes and reports suspicious activity in real time, and the intrusion detection and prevention feature examines all incoming and outgoing traffic for protocol deviations, policy violations, or content that signals an attack—including zero-day exploits.

In moving to Workload Security, the company gained a powerful, integrated security platform that automates several security functions by adding orchestration layers onpremises and in the cloud and provides a single pane of glass for managing data center and cloud security. Essilor also appreciated the ability to purchase Deep Security on the AWS Marketplace. “We wanted simplified licensing for Deep Security, and AWS provided a very positive experience that was similar to shopping on Amazon® Prime,” said Surve.

More recently, Essilor International qualified Trend Micro as their global group standard for security. Surve said that he expects to move 100% of the global company to Trend Micro by the end of 2020.

"Trend Micro solutions increased our system performance by almost 50 percent, providing the comprehensive security platform we need to secure our physical, virtual, and cloud environments and to support evolving compliance requirements."

Tanweer Surve
Senior Director, Enterprise Architecture,
Cloud Technologies, and Security,
Essilor International

Results

For Surve and his team, all of Deep Security’s features provide value for the organization, but some stand out for him. One such feature is how the solution ensures protection by automatically providing an automated agent to any new builds, making Essilor’s compliance requirements easier to ensure. “By detecting when an agent is not installed, it helps us to maintain compliance with HIPAA, PCI, and GDPR requirements,” said Surve. “Deep Security’s features help us in our compliance efforts, and we can seamlessly manage security across all environments from a single-pane dashboard.”

Deep Security and Workload Security have met all of Essilor’s expectations and continue to deliver significant benefits for the organization. “Trend Micro solutions increased our system performance by almost 50 percent, providing the comprehensive security platform we need to secure our physical, virtual, and cloud environments, and to support evolving compliance requirements,” said Surve.

What's next

Surve and his team continue to focus on improving security and building threat intelligence across the global organization. Essilor International is implementing Trend Micro™ TippingPoint™ on-premises and looking at implementing IPS in the cloud as well as moving to a multicloud environment in the future. Surve will continue to count on Trend Micro as its forward-looking security partner. “We are working closely with Trend Micro to implement next-generation, real-time intrusion prevention on a global level. We have an aggressive journey to 2022, but we want to make sure we always focus on security first, and Trend Micro has the team to keep us on track.”