Consider a 1000-bed hospital in São Paulo and imagine the volume of drugs, medical supplies and associated products consistently needed to keep it functioning. Bionexo is a Brazil-based technology company that has developed and manages digital solutions to make purchasing, sales and process management in the healthcare supply chain more efficient and cost effective. Leveraging relationships with around 2,000 hospitals and 20,000 suppliers across Latin America, Bionexo trades approximately R$14 billion (US$ 2.5 billion) per year via its digital platform.

Ubirajara Maia, the Bionexo VP of Technology, described, “We connect a hospital supplies buyer in the Amazon with the right healthcare product provider. Without us, that connection would not happen, and it means we can process multi-item, highly complex purchasing transactions. We enable the digital journey from planning to funding and help healthcare providers reduce costs by up to 20 percent.”

Faced with the need to deliver life-saving medical products to healthcare institutions, maximizing the availability of Bionexo systems and applications is always a mission-critical task.

Bionexo uses the cloud to manage all of its business and digital healthcare systems, but historically this was only possible to do from a company office location. Robust perimeter security ensured data and people were protected. This was fine until the 2020 COVID-19 pandemic struck and employees were mandated to work from home. Apart from now having endpoints outside of the perimeter defenses, the unprecedented circumstances also exposed the potential for previously unforeseen vulnerabilities.

Due to the unique nature of its business and the diverse deployment environments found at the company’s own clients, Bionexo builds all of its applications in-house. This also has resulted in the need for internal teams to develop and test applications running across multiple operating systems, such as Windows, Linux and Apple iOS. When being used in-house, each system was robustly protected, but once users made the jump to working from home, they became more vulnerable.

Availability is Everything

Bionexo installed an antivirus application to protect remote workers, but this did not resolve the key issue of ensuring system performance and availability. Maia added, “Our customers rely on the Bionexo platform to obtain critical healthcare products. If it is not available, how do they control that supply chain, who do they contact, when will orders arrive? It is simply not an option for our platform to go down. This non-stop requirement is essential to support healthcare provisioning. Availability is vital, it is our oxygen.”

The key question facing André Ceron, head of infrastructure and security at Bionexo, was how to most effectively protect Bionexo and its people during a pandemic? Whatever the decision, it also had to be executed in a quick and agile way that was seamless for users and without any disruption to operations.

Based on extensive previous experience, Ceron opted to deploy the CrowdStrike Falcon® platform, populated with a broad set of CrowdStrike products to bring immediate protection and visibility to the company’s newly expanded environment.

For Bionexo, some of the standout benefits of the CrowdStrike solution include ease of installation and staff acceptance. It took just 15 days to install across the now highly distributed environment and met nominal resistance from users. Ceron commented, “People always ask: Will this solution have an impact on the performance of my systems and applications? But far from slowing anything down, CrowdStrike actually made them faster and ‘lighter’ and while it protects, it remains transparent. That is why even the administrators ended up on our side.” To underline the point, several users inquired why IT had not put the CrowdStrike solution on their devices, when in fact it was already installed.

Bionexo has deployed multiple modules on the CrowdStrike Falcon platform to protect its cloud based systems and data, diverse development operating system environments and all user endpoints regardless of location. Ceron recalled, “We removed the existing antivirus software and replaced it with CrowdStrike. No new hardware was implemented: It was a simple and very fast changeover because everything is in the cloud. We touched every part of the enterprise even down to individual user devices and, interestingly, we did not need any reboots. Everything was activated instantly.”

CrowdStrike also has facilitated several additional features such as real-time inventory, licensing control, software distribution and automated remote updates. Bionexo worked with CrowdStrike and its business partner NV7 Telecom to deploy the solutions.

CrowdStrike is Mission-critical

Maia describes the Bionexo security strategy in simple terms: “First you have a door, then you lock the door and finally you put an alarm on that door: This is what CrowdStrike does for us.”

But the most important benefit is how CrowdStrike helps Bionexo ensure platform availability for customers.

CrowdStrike has made security management far more agile and flexible. Ceron explained, “I don’t need to be in my office anymore. I can be anywhere and provide the same level of security across the entire company. I have a developer who went to the countryside to be with his mother during the pandemic and he was perfectly protected. I don’t have to rely on the perimeter defense anymore to secure all of our employees.”

One issue at the start of the pandemic had been that the company’s developers, who had previously operated inside of the in-house perimeter defenses, did not have comprehensive protection once they began working at home. The elevated security and visibility delivered by CrowdStrike alleviated this situation.

Bionexo has also integrated CrowdStrike with applications like Slack so that potential threats are quickly communicated across the business. This is reinforced by the CrowdStrike OverWatch team that hunts down threats and alerts Bionexo. Another key benefit is the ability of CrowdStrike to protect diverse environments. Ceron said, “What really got our attention was the number of technologies I can secure using CrowdStrike: I can monitor absolutely everything. And since CrowdStrike is so scalable, I can grow and enhance protection as the business expands.”

Significant Increase in Visibility

CrowdStrike has increased visibility significantly. Ceron stated, “Being able to monitor exactly what is happening across our environment is extremely important: I did not have this before. Now I can see all the data flows, which is important because of new legislation such as LGPG [General Data Protection Law].” For customers like hospital procurement managers, the move to the CrowdStrike platform was completely transparent. Indeed, the only thing they noticed was the greater availability of the application.

Bionexo staff had been used to a degree of freedom in installing software on their PCs and laptops. For better security, the company wanted to stop this and was able to do it in a non-confrontational way with CrowdStrike. The Falcon platform enables management to see when something is being installed so they can contact the user to suggest a more preferred option. “We are using CrowdStrike in an educational way without being aggressive,” noted Ceron.

Maia concludes, “For me, the main point about CrowdStrike is managing incidents. This is extremely important for the continuity of our business, and it makes us feel very safe. What makes the big difference for Bionexo is the management capacity and the ability to identify threats, then quickly perform analysis and respond in a proactive way to mitigate any potential compromise. This is exactly what we needed.”