Brazilian Fashion and Retail Business Protects 30 Million Customers' Financial Data With CrowdStrike Solutions
Legacy Antivirus Could Not Protect the New Digital Bank
Company executives realized the group was increasingly handling more of its customers’ money and offering them financial services such as store cards, insurance and loans. They decided to set up Midway, a digital-only bank to support customers. Godoi was hired to address cybersecurity not only for the bank, but also for all of Guararapes and its 30 million customers. He formed a new security group with a mission to strengthen defenses and bring the company up to financial cybersecurity standards. This was set in the context of a group-wide digital transformation strategy, shifting services and applications to the cloud, improving ecommerce and developing a digital marketplace. There also were new data regulations, such as the Brazilian General Data Protection Law (LGPD), that needed to be respected. The group had a traditional antivirus solution in place but managing it was complex and time consuming. It had to be physically installed on 10,000 devices and then reinstalled every time a device was replaced. Once installed, the application would slow down endpoints, especially older machines, which impacted user productivity.
CrowdStrike Deployed to 10,000 Endpoints After Extended Pilot
As a seasoned CrowdStrike user, Godoi wanted to make CrowdStrike one of the key pillars of the new security infrastructure. However, first he wanted to ensure CrowdStrike worked for the group’s mixed retail, manufacturing and finance operations. The company evaluated various products to see if they could support 10,000 endpoints. Then, in three days, Guararapes worked with CrowdStrike to set up a proof-of-concept pilot. “That is when we saw the simplicity, the ease of operation and functionality of CrowdStrike,” Godoi said. The pilot was supposed to last 15 days, but proved so successful that it ran for 60 days and became part of the full project rollout. “CrowdStrike really stood out against other solutions,” said Godoi. “We scaled the solution quickly and in just three months, had the whole deployment installed and working, identifying incidents within the environment and creating specific rules.” Guararapes now uses numerous CrowdStrike Falcon® platform modules to protect 10,000 endpoints across all parts of its business operations, from point-of-sale devices in stores to computers in its factories. Godoi has set up a 24/7 security operations center (SOC) integrated with CrowdStrike Falcon® Complete, CrowdStrike's managed detection and response (MDR) service. In partnership with CrowdStrike, the company is using the Falcon platform solution to develop use cases (e.g., when an incident occurs and there is an alert) backed up by an action playbook to handle similar incidents in the future. For example, if a machine shows signs of abnormal behavior, it generates an alert in the SOC so the machine can be isolated from the network without causing any harm. “This has helped us a lot,” Godoi said. “And it is a huge gain in our incident response process.”
Security Team Relieved of Huge Support Burden
CrowdStrike has relieved the security team of a huge maintenance and support burden. “I no longer need a focused team to look at endpoint security, to look at the health of servers and systems to see if they are working because this is what CrowdStrike does,” said Godoi. Unlike the previous antivirus solution, CrowdStrike has had little, if any, impact on endpoint performance. CrowdStrike has been easy to integrate with other systems, such as DevOps, in the business. “When you have a traditional antivirus solution, it slows down servers and applications,” said Godoi. “Sometimes an antivirus product is misconfigured or has an inappropriate time signature distribution which causes problems. With CrowdStrike, we have had none of these issues.” One of the main challenges prior to CrowdStrike was visibility about what was happening within the Guararapes environment.
Intelligent Threat Analysis Improves Productivity
Guararapes uses CrowdStrike for intelligent threat analysis by identifying new incidents and scenarios, documenting them and developing remedial actions. Godoi added that CrowdStrike has a series of dashboards to monitor and visualize activity using a real-time heat map. The solution even helps him and his team monitor whether a device is running the correct applications. Before, this would take months to resolve. These improvements in visibility, real-time monitoring and automation, in addition to CrowdStrike's cloud-native architecture, have improved productivity significantly. “One of the biggest benefits of CrowdStrike was the time I had to execute the project,” said Godoi. “It was all very quick because we did not have to go machine by machine, or use the infrastructure team on long, drawn-out projects that typically could take a year before showing results.” For the technical team, CrowdStrike has improved productivity by 70% enabling staff to spend time on more valuable functions and services.
Partnering with CrowdStrike is Key to Success
The partnership that Guararapes has established with CrowdStrike has been key to the success of the solution. “We have a partnership with CrowdStrike, not a relationship between client and supplier,” said Godoi. “Whatever we need, CrowdStrike is always there for us. When several competitors suffered attacks, CrowdStrike worked with us and shared knowledge to identify what happened, if those incidents could impact Guararapes and how we can protect ourselves. This has been a great aspect of the relationship with CrowdStrike, which continues to grow.”