Case Study: Engelbert Strauss Takes on Cybersecurity

The Company

Engelbert Strauss & Co. is a 100% independent, owner-managed family business in its fourth generation. Norbert, Gerlinde, Steffen, and Henning Strauss jointly manage the company founded by their father and grandfather, Engelbert Strauss. From its headquarters in Biebergemünd / Frankfurt am Main, the company employs 1,200 people and is represented throughout Europe by ten owned subsidiaries. In addition, the company serves a large number of international commercial customers from its headquarters.

As market leader in the field of workwear, Engelbert Strauss & Co. changes the appearance of entire industries. The company’s products include workwear and accessories, shoes, and occupational safety items. For several years, the owners have been making use of their many years of experience and proximity to the market to expand their own collections. Engelbert Strauss & Co.’s collections are sold online, via print catalogs, and in its own workwearstores®.

The Situation

Engelbert Strauss & Co. relied on a well-known provider’s traditional signature-based antivirus (AV) solution to secure the company’s 1,000 endpoints and 200 servers, but administration of the solution was becoming increasingly expensive. The IT team at Engelbert Strauss & Co. has 20 people, including 11 administrators. The remaining employees are predominantly employed in support roles. Despite this comparatively large IT team, it took weeks to create and monitor the necessary set of rules with the existing antivirus solution, and training also took up a considerable amount of time. Not only that, but the constant import of new patches and signatures took a lot of time and involved risks.

Rüdiger Faust, IT Team Leader, says, “Traditional antivirus solutions are purely pattern-based. With the current malware flood and ever-new attack vectors, we’ve had plenty to do to keep the endpoints up to date. At the same time, performance was extremely unsatisfactory, and management of the antivirus solution was costly. In addition, the requirements for high-performance components and trouble-free operation are particularly high in our industry. These were essentially the triggers for us to look for an alternative to conventional solutions. Our goal was to protect critical data and to ensure productive operations. At a presentation by Controlware, we became aware of the AI-based solutions from Cylance.”

With 700 employees at 16 locations in the DACH region, Controlware GmbH is one of the major IT security houses. In an interview with the Computer Reseller News, Mario Emig, Head of Information Security Business Development at Controlware, confirms, “Artificial intelligence and machine learning have arrived as security solutions. Some innovative manufacturers already rely heavily on these technologies.”

The Process

“We were looking for a truly novel approach, and I have to admit that I was impressed by the mathematical concept underlying the solution. We quickly decided to test the solution and start a POC on about 10% to 15% of all systems. For that, we needed six people in total and less than an hour of training. The solution is quick and easy to use, resource-saving, and eliminates the annoying import of updates. Except for occasional system updates, the solution just runs in the background.”

Engelbert Strauss & Co. runs productive operations 24 hours a day, so the requirements for a trouble-free migration are naturally very high. In addition, logistics requires high-performance components that work in the background as smoothly as possible. “That describes Cylance in full,” says Rüdiger Faust, “but the solution has another advantage. To my knowledge, it is the only one that works in addition to other endpoint security solutions. During the migration phase, we wanted to run Cylance products in parallel with our existing solution in order to safely exclude the false positives that occur. The pleasant side effect is that we were able to carry out the rollout at the same time in a relaxed manner.”

Rüdiger continues, “Excluding false positives for files and non-dangerous software was quick and easy. For example, we have defined exceptions for our ERP system. This is a special in-house development that is not located in the demilitarized zone as usual.

“Naturally, false positives have occurred here. By the way, only 67 altogether, to name an order of magnitude. For a basic set of rules, it was enough to roll out Cylance on 10 to 15% of our systems. The configuration is clear and deliberately slim. It was an extremely pleasant situation compared to the existing solution. And if we ever had a question, the responsible sales engineer from Cylance supported us on the short service route. The ability to move the POC into a live environment also greatly reduced the usual overhead.”

The Results

“It was not a big step from the POC to actual live operation,” Rüdiger reports. “We were able to quickly deploy the solution nationwide and uninstall the previous solution. We have completely implemented the actual rollout process via our software management solution and thus, it was virtually automated.”

Rüdiger Faust also pointed out the importance of other Cylance-specific benefits such as the solution working intuitively with very little training required, CPU and RAM utilization being negligible as compared to other products, and the use of an innovative approach to detection of previously unknown threats that uses artificial intelligence and machine learning models.

Rüdiger concludes, “The implementation of Cylance’s products had no impact on operations, and we were able to complete the rollout in a timely manner. We did not have to uninstall the existing solution immediately or before commissioning Cylance as is usual with other products. Cylance has already blocked new malware in addition to malware that was not revealed by the existing solution. In addition, Cylance has found several versions of outdated software that was just taking up space on our systems. Last but not least, we can rely on the amazing first-class support of the Cylance team.”

INDUSTRY: Retail

ENVIRONMENT: 1,000 endpoints and 200 servers

CHALLENGES:
        • Protect business-critical data and safeguard operations
        • Protect endpoints without sacrificing performance
        • Implement an innovative and easy-to-use solution as an alternative to a traditional signature-based antivirus solution

SOLUTION:
        • Deploy CylancePROTECT® to protect against unknown malware, with minimal impact on performance and operations
        • Deploy CylanceOPTICS™ AI-driven detection and response solution
