As a large company with massive operations, the organization becomes a large attack surface for cybercriminals. When Luiz Ritzmann, CIO for Arteris, was assigned to run the company’s technology, one of his first steps was to assess what the most critical security demands were and which resources were dedicated to those tasks. As well, he took time to examine what incidents had the potential to compromise the security of user and internal structures, and evaluated the efficiency of all security tools being used.
“In a world where you create complexities that bring you benefits, you also generate downsides in managing this complexity”, stated the CIO. This has been confirmed by studies carried out by his security specialists; the company has been attacked, on average, 80,000 times every month. Nearly 60 percent of this total focused on the data center in the city of Araras, in the state of São Paulo, where the servers for the institutional website, SAP appliances, internal services, and other critical systems are located. In addition to the external attacks, their high number of workers result in the use of over 2,000 endpoints every day, presenting the added danger of phishing and business email compromise (BEC) scams.
Another important issue was related to Microsoft® Office 365®. Due to its cloud nature, the platform generates traffic that is outside the defenses of the company. That is why Arteris needed a security solution that would prevent Office 365 from being exploited as an entry point, and then moving towards more critical parts of the system.