You’ve probably heard of Victoria’s Secret. And Calvin Klein, Gap, Lands’ End, Marks & Spencer, and Tommy Hilfiger. But you may have never heard of Brandix, one of the largest apparel suppliers to these and other top retail fashion brands. Sri Lanka’s largest apparel exporter, the Brandix Group employs approximately 48,000 people across 42 sites in Sri Lanka, India, Bangladesh, and the Dominican Republic.
In the global apparel industry, Brandix’s reputation as a top supplier of quality clothing has been rising rapidly along with its export volume. For the past five years, Brandix has been lauded as Sri Lanka’s Exporter of the Year (by the Sri Lankan Export Development Board). This surge in recognition has led to rapid growth, and with it, additional security risk.
“With the success and growth of our business, we knew we needed to take information security to the next level,” says Manager of Microsoft Technologies Janaka Sampath, who oversees endpoint protection across the extended Brandix enterprise. Management concurred and even mandated bolstering cyber defenses, but desired to keep the information security team small.
So that was Janaka’s challenge: How could he pull together multiple security tools such as endpoint solutions with machine learning and detailed threat analytics in a security operations center run by a small team?
Tempted by Newer Endpoint Solutions but Won Over by McAfee
Although Brandix had used McAfee® antivirus solutions to protect endpoints for years, the newer endpoint protection products began to catch Janaka’s attention because they do not rely on signatures for detection. After a thorough evaluation, however, he concluded that sticking with McAfee for endpoint protection still made the most sense given that McAfee recently introduced McAfee Endpoint Security. In Janaka’s mind, the new solution was a tremendous leap forward in endpoint protection, one that “goes well beyond signature-based detection.” The addition of Dynamic Application Containment (DAC) functionality and Real Protect machine learning technology, in particular, helped sway the decision.
Without its users even noticing, Brandix seamlessly migrated the antivirus engine of the McAfee Complete Endpoint Protection Advanced suite—McAfee VirusScan® Enterprise—to the McAfee Complete Endpoint Threat Protection Suite. The company also deployed the Adaptive Threat Prevention module option, which provides DAC and Real Protect. Janaka is first running DAC in “productivity mode,” fine-tuning and teaching it to avoid false positives before moving to “balance mode.” Implementation of Real Protect will follow. The impact of DAC and Real Protect has been impressive in the company’s tests using malware and greyware samples and mutations of samples. “In our simulations, McAfee Endpoint Security has detected and blocked ransomware and zero-day threats very effectively,” says Janaka.
Integrated Security Framework Boosts Security to Next Level
In addition to McAfee Endpoint Security, Brandix decided to implement McAfee Threat Intelligence Exchange and McAfee Advanced Threat Defense (McAfee ATD) to take advantage of each solution’s integration via the Data Exchange Layer (DXL), an open-source platform that connects security components for real-time data exchange without requiring point-to-point API connections. Now when a Brandix endpoint encounters a suspicious or malicious file, that information is immediately conveyed to McAfee Threat Intelligence Exchange, which compares it to its reputation database, and, if no match is found, immediately sends it to McAfee ATD for analysis. If McAfee ATD concludes the file is malicious, that information is instantly shared with all systems in the environment connected via DXL—including all other endpoints.
“Aggregating and sharing threat intelligence that has been gathered at various levels from a range of sources significantly enhances our security posture,” explains Janaka. “With McAfee Threat Intelligence Exchange and our integrated security platform, we can respond to threats much more quickly and mitigate risk more effectively. For instance, if a user attempts to download, knowingly or unknowingly, a file that violates our security policy or causes suspicious activity detected by McAfee Endpoint Security, we can immediately blacklist the file and prevent it from executing anywhere in our highly distributed environment.”
Improved Security Without a Huge Hassle or Increased Operational Overhead
Using the McAfee ePolicy Orchestrator® (McAfee ePO™) central console, Janaka and his small team at headquarters can manage all three McAfee solutions—McAfee Complete Threat Protection Suite, McAfee Threat Intelligence Exchange, and McAfee Advanced Threat Defense—as well as McAfee DLP Endpoint (to prevent data leakage). From a single pane of glass, they set security policies and push them out to the company’s sites worldwide. Small remote teams at each of the company’s major sites also use McAfee ePO software to monitor day-to-day security in their respective environments. Because McAfee ePO software simplifies and consolidates security administration so much, Brandix needed no additional staff to augment its security arsenal and fortify its security posture.
Just as Brandix works behind the scenes to support global retail brands, McAfee integrated security works in the background at Brandix to keep data and operations secure so the company can focus on its core business. “The biggest benefit of our decision to go with McAfee Endpoint Security and the McAfee integrated security platform,” says Janaka, “is that it takes our security to the next level without a huge hassle.”