The Security Journey – from Covering the Basics to SOC
The Primeline Group is the largest independent Irish provider of logistics and sales and marketing services to home-grown and international brands and retailers across the Irish and UK markets.
The Primeline Group consists of four market-leading companies:
Primeline Sales & Marketing are experts at maximizing the visibility of consumer brands in the Irish marketplace.
Primeline Logistics provide cutting-edge supply chain solutions to companies operating in, or trading with, the island of Ireland. Primeline serves over 4,500 retailers and licensed premises with a transport fleet exceeding 200 vehicles, working together across 750,000 square feet of hi-bay warehousing.
Primeline Express provides business to business overnight transportation between the UK and Ireland.
Primeline VNE provides a range of warehousing, distribution, supplier management and inventory management solutions.
Technology
In terms of the technology landscape, as the business was growing and changing at a faster pace than ever before, the IT systems needed to be reviewed to ensure they were still fit for purpose and able to cope with the demands of the business. Continuous strong business growth, and an acquisition strategy, placed new emphasis for investment and development on the IT infrastructure
With the IT infrastructure coming to end of life and the business grown to approximately 400 users, the IT staff were having difficulties understanding network traffic and there was only basic security in place. There was no security monitoring of any kind and the existing network architecture and equipment was showing increasing signs of vulnerability.
This came even more sharply into focus when the business suffered from a ransomware attack and at least one known hacking incident.
Planning for the Future – Where do you start? a Security Audit!
CommSec were first engaged by Primeline to undertake a security audit of the environment in February 2019. The scope of the audit was comprehensive and focused on three categories of findings, namely: People, Processes, Technology.
CommSec broke the recommendations down into three categories of high, medium, and low risk.
Each risk was identified with remediations and prioritizations. Four projects were identified to enable a new Cloud strategy and to facilitate the successful acquisition of the Johnson Brothers business and further growth – which was particularly strong in the retail sector.
Outcome of Security Audit – Projects
Four distinct projects were identified as requirements from the audit.
1st Project – Bandwidth and Internet Connectivity
Primeline’s key IT objective was to enable a Cloud strategy and this was frustrated by a lack of security and bandwidth / connectivity. CommSec carried out a network upgrade of the internet connectivity from multiple ADSL and VDSL lines to a 1Gbs symmetric fibre circuit with radio backup.
2nd Project – Security Infrastructure
The security infrastructure had to be refreshed and CommSec implemented a new firewall infrastructure using enterprise grade Fortinet firewalls. The new environment was designed with failover between the firewalls for high resilience.
3rd Project – Implementation of SIEM strategy
Primeline identified that security on their network and continuous security monitoring would play a vital role in ensuring that their business maintained all compliance standards they must adhere to – for their own business and to re-assure their customers that their business information and data managed by Primeline was secure.
Primeline recognised the benefits of implementing a Security Incident Event Management (SIEM) which is now provided by CommSec using the CommSec Security Operations Centre (SOC) Service.
All network traffic and potential security events are now reviewed by the CommSec SOC team – ready to investigate and take appropriate action when a threat is detected.
The CommSec SOC uses the AT&T AlienVault platform, along with other industry leading tools such as Sophos Intercept X. The use of advanced network operations tools gives the Primeline IT and the CommSec SOC teams full on-site visibility of all network traffic.
4th Project – Full Core Network Overhaul
This was a comprehensive infrastructure overhaul consisting of switches, routers and wireless access points. After evaluating several technologies, Huawei was chosen as the primary vendor for the network overhaul.
CommSec designed and implemented a new network infrastructure that delivered many new features to Primeline, including new resilient fibre connections to each campus building. A fully routed managed network and a new enterprise grade Wi-Fi solution segregating different categories of users onto separate networks.
Security – Where to Next?
As Primeline looks to continued strong growth and the goal of a Cloud enabled IT environment, the next pieces of the security infrastructure to be rolled out include new end point protection for user laptops and desktops; vulnerability scanning for IPs and URLs and password management with two factor authentication when accessing applications. CommSec are also working with Primeline to implement a full security framework approach, which may also include appointing a Chief Information Security Officer (CISO) as a Service.