Danieli & C. Officine Meccaniche S.P.A is one of the three largest global suppliers of industrial plants and equipment for the metal industry. It can produce anything from individual units to complex “turn-key” projects. The wide range of products and processes available — including automation and process control — covers all stages of production from ore processing to the finished product. In addition to the engineering skills and project management, the company has extensive production expertise which uses its own design centers and buildings and is strategically located in Europe and Asia to guarantee continuous high-quality. Danieli & C. Officine Meccaniche S.P.A employs more than 11,000 people — spanning the globe — in Europe, North America, South America, and Asia. The average annual revenue exceeds 3 billion euros. Substantial investments in Research and Development (140 million/year over the last five years) support the development of innovative and ecologically sustainable processes and maintain the company’s leadership in the global market.
One of Danieli & C. Officine Meccaniche S.P.A’s key challenges was protecting its intellectual property, specifically its designs for machinery and industrial plants. Moreover, as a public company, Danieli & C. Officine Meccaniche S.P.A was concerned with protecting its corporate image while providing protection against a quickly evolving and adapting threat landscape. Additionally, the company was looking for a solution that would easily extend the same level of security across all locations with the ability to manage everything from one centralized and unified console. The leadership team realized the need for a Data Loss Prevention (DLP) solution — a solution that would solve all of these issues.
The importance of security in other internal company departments was not always at the forefront of people’s minds. Many people have the perception that security is not a priority until after a breach has occurred. The introduction of a DLP solution highlights the significance of handling data that could jeopardize the company if it were in the wrong hands.
“Thanks to DLP, we could significantly increase the degree of awareness and attention. This allowed us to highlight accidents due to lack of employee awareness or pure distraction.”
— Fabrizio Paolini, IT Security Manager, Danieli & C. Officine Meccaniche S.P.A
In the course of time, a transformation has occurred in the user’s approach to DLP. The thought process has transformed from initial skepticism to understanding its meaning and grasping the potential. This transformation parallels what was experienced by the introduction of the initial viruses in the past (skepticism, acceptance, approval by users). DLP ensures the protection and integrity of critical documents that are vital to the business.
“The IT security must be defined as a single perimeter where each department should be aligned at the same level in order to maintain consistent, viable protection. If the security was different throughout the different departments, you might expect that the least protected would become the victim of a possible attack.”
— Fabrizio Paolini
Danieli & C. Officine Meccaniche S.P.A’s designs, engineering plans, and technologies are highly sophisticated — the result of over 100 years of experience. Due to this complexity, the risk assessment took a data-centric approach. A critical consideration was the operating modes that Danieli & C. Officine Meccaniche S.P.A uses for interaction with customers and suppliers; they are often forced to send confidential documents externally which need to be secured. The company has many different documents in unstructured formats as well as technical drawings in 2D and 3D CAD formats.
These documents are sent using standard technologies such as file transfers via the network, USB devices, CD/DVD, and by printing hard copies. Therefore, it was important to have a solution that would enable Danieli & C. Officine Meccaniche S.P.A to analyze the flow of data while at the same time not restricting the day-to-day operations of its employees.
Ultimately, Danieli & C. Officine Meccaniche S.P.A chose to implement Forcepoint for its multitude of capabilities across the web, email, and data channels. With Forcepoint, Danieli & C. Officine Meccaniche S.P.A is able to protect Internet browsing (blocking sites not related to business: hacking, gaming, pornography, etc.) which ultimately protects its data. The ability to provide analysis in realtime and protect against advanced threats such as non-signature based or zero-day threats was of particular interest to Danieli & C. Officine Meccaniche S.P.A. This allowed the IT department to increase the level of security while providing visibility into the movement of confidential data.
“We wanted to be at the forefront.”
— Fabrizio Paolini
Over time, the Forcepoint development team has always been attentive to the demands of Danieli & C. Officine Meccaniche S.P.A. While the deployment was gradual at first, the company eventually extended it to the main subsidiaries in Thailand, China and India. In 2011, Danieli & C. Officine Meccaniche S.P.A added Forcepoint appliances that enabled the company to expand the perimeter of protection on a global scale. In 2014, the landscape changed for the company and it replaced physical appliances with virtual systems. This allowed it to extend the scope of the protection through the use of the Cloud.
“The Cloud has enabled us to extend the same protection to our smaller offices scattered across the globe and to provide protection to our laptops that operate outside of the corporate LAN.”
— Fabrizio Paolini
From the initial 400 licenses in 2009, Danieli & C. Officine Meccaniche S.P.A grew to 4,000 licenses which it manages from a central console. This allows enforcement of the same policy for everyone in order to maintain a uniform level of safety. The company also chose to create various policies based on the type of document being used and according to the particular user’s role.
Danieli & C. Officine Meccaniche S.P.A understands that a large portion of the risk of data loss is determined by the end user. A decrease in risk occurs when you increase the awareness of employees. User actions in Danieli & C. Officine Meccaniche S.P.A today have improved as a result of greater awareness, and, consequently, the risk of data theft has decreased.
“Obviously, it is difficult to measure the returns of a security solution until there are no accidents. The economic benefits are indirect such as: maintaining technological leadership, investment protection of shareholders, and more business opportunities.”
— Alexander Stewart, Executive Vice President of ICT, Danieli & C. Officine Meccaniche S.P.A
After implementing Forcepoint, Danieli & C. Officine Meccaniche S.P.A has significantly raised the protection of its brand reputation by being able to enforce policy across the web and email channels. This allows the company to avoid potential security incidents that could result in damaging the company.
In addition, the company has been able to create detailed reports for internal presentations and analysis for regulatory compliance. Like many other companies, Danieli & C. Officine Meccaniche S.P.A is required to submit financial statements each year to its auditors. Forcepoint provides optimal management of these reports to reduce the amount of analysis on the part of Danieli & C. Officine Meccaniche S.P.A. It also facilitates in regulatory compliance as it allows for greater transparency to the external auditors. Additionally, the DLP solution includes forensic analysis, which Danieli & C. Officine Meccaniche S.P.A has customized with the help of external tools.
Forcepoint’s solution has yielded greater employee awareness on the importance of keeping Danieli & C. Officine Meccaniche S.P.A’s data secure. This has prevented the company from losing critical data and directly increasing its competitiveness in the market. By securing its data with Forcepoint, Danieli & C. Officine Meccaniche S.P.A has a competitive edge in the marketplace.
Danieli & C. Officine Meccaniche S.P.A has relied on Forcepoint security solutions since 2008.