KPIT Reduces Malware Attack from 50 percent to Zero

KPIT is one of the well-known names in the industry offering IT consulting and product engineering services to the automotive and transportation, manufacturing, life science, and energy and utility industries.

As a company offering various services and developing intellectual property, KPIT needs prevention against all the cyberattacks, ensure 100 per cent availability and security. KPIT has developed native cloud applications, implemented IoT technologies and deployed mobile technologies to allow employees to work from any device or network. Their journey towards “Smart Enterprise” brought various security concerns and they realized the need for a more flexible, prevention-based approach to security, network and endpoint management.

Challenges

According to Mandar Marulkar, chief digital officer, KPIT “It was a significant transition, embracing the idea of a smart workforce and smart, software-defined infrastructure running multiple new digital applications. We went from having a 70-30 split between PCs and laptops to 30-70, while also moving lots of applications to the cloud and introducing initiatives such as BYOD. Mobility is at the heart of our new strategic approach to working.”

Building native cloud applications and moving some critical workloads to a public cloud created a few challenges…

• Managing secure access to these applications: some SaaS-based applications request dynamic IP addresses
• BYOD and mobility devices increased the risk of malware on endpoints from open, unmanaged networks
• Ever-increasing vulnerabilities from packaged and open source applications further increased the risk of devices, data and applications being exposed to security breaches
• Traditional network mapping no longer worked, policy management was inefficient and administration had become a major drain on resources.

Solution

KPIT did a comprehensive evaluation of security vendors and chose Palo Alto Networks to deploy its PA-5020 next-generation firewall first and then adding multiple integrated subscriptions and services. The company deployed Palo Alto Networks’ Traps, advanced endpoint protection, to protect endpoints against advanced malware attacks, including ransomware, and mitigate risks as well as reduce application vulnerabilities from endpoint, application and data exploits.

Cut App Development Time by over 50%

KPIT also used magnifier behavioural analytics to identify the stealthiest network threats and prevent. Magnifier accurately identifies targeted attacks, malicious insiders and malware, by analyzing the rich network, endpoint and cloud data with machine learning.

KPIT chose Panorama network security management enabling KPIT to view its firewall traffic, manage all aspects of device configuration, more easily push global policies, and generate reports on traffic patterns and security incidents, all from a single console.

To understand the threats in a better manner, KPIT deployed AutoFocus contextual threat intelligence service to accelerate its analysis, correlation and prevention workflows. Also, they selected WildFire cloud-based threat analysis service with the most advanced analysis and prevention engine for highly evasive zero-day exploits and malware.

Benefits

• Enables KPIT to scale, with no additional headcount, through automation
• Reduces malware attack success rate from 50 per cent to zero
• Provides one-click insight from a single console
• Minimizes impact on device performance
• Employs user behaviour analytics, along with network and endpoint behaviour anomaly detection, for a prevention-based approach

Results

KPIT managed to protect its network against malware and other threat utterly, zero malware without impacting the performance and with quite simple administration compare to the previous one. 50 per cent of malicious attempts would have slipped through the company’s network. At the same time, the lightweight Traps agent has eliminated any degradation of device performance.

“We can see on the Panorama console that we have proactively blocked a huge amount of malware – there hasn’t been a single instance globally, which is quite an achievement,” says Marulkar. “The biggest benefit is the simplicity of the platform approach. We didn’t have to invest everything on day one.