Case Study

Plantasjen plants complete, connected Palo Alto Networks security infrastructure

RESULTS

24/7

intelligent automation monitoring

1000+

servers and endpoints protected with Cortex XDR

$1M+

safeguarded during Kaseya attack

In brief

Customer

Plantasjen Norge AS

Organisation Size

2,400 employees;130 retail stores in Norway, Sweden, and Finland

Industry

Wholesale and Retail

Featured Products and Services

Garden plants, furniture, tools

Location

Oslo, Norway

Challenges

Reliance on separate, fragmented network and endpoint protection tools increased cost, complexity, and security gaps. Too much time was spent on manual security tasks. 2021 ransomware attack targeted Kaseya customers, including Plantasjen.

Requirements

  • Simplify security and lower costs with economies of scale.
  • Collect and analyse security data to stop modern attacks.
  • Simplify workflows and strengthen security against sophisticated attacks.
  • Granular policies that allow/deny access to applications by users.

Solution

Palo Alto Networks PA-Series ML-Powered Next-Generation Firewalls and VM-Series Virtual Next-Generation Firewalls, Cloud-Delivered Security Services (GlobalProtect, Threat Prevention, WildFire, URL Filtering), Cortex XDR Pro.
Introduction

Three years ago, leading Scandinavian garden supplier Plantasjen planted an innovative Palo Alto Networks cybersecurity strategy – which is blooming. Connected network and endpoint security is closing security gaps, eliminating complexity, and supporting a great retail experience. For example, while the 2021 Kaseya cyberattack forced many other retailers to temporarily close and lose revenues, the Palo Alto Networks portfolio enabled Plantasjen to successfully defend itself against the attack and continue to trade – without losing a single Norwegian Krone in revenue. Modern artificial intelligence (AI) and machine learning (ML) are also driving unprecedented retail operational efficiency.

CHALLENGES

A Nordic greenhouse

Plantasjen is one of the leading garden centre retail groups in the Nordic region, selling plants, furniture, and garden accessories to customers in Norway, Sweden, and Finland. More than 2,400 employees support almost 130 retail outlets, together with a flourishing online business.

Like any modern retailer, Plantasjen is exposed to more threats than ever across its store network, eight warehouse hubs, and thousands of endpoints. The environment also includes a fast-expanding AWS and Azure cloud infrastructure, managed by Orange Cyberdefense. The store network needs to be secure by design to anticipate risks to point of sale (POS) vulnerabilities, for example, and managing the supply chains across many providers adds risk. Likewise, customer privacy needs to be upheld across e-commerce and data analytics processes.

Scroll back three years and Plantasjen was relying on separate, legacy network and endpoint security platforms – a reliance which undermined its ability to safeguard systems and data.

"We struggled with both platforms, owing to their complexity and cost. Our goal was to standardise and streamline security, relying on fewer best-of-breed partners."

– Olav Fyldeng

Chief Information Officer, Plantasjen

REQUIREMENTS

Security matters in the boardroom

Fyldeng and his team identified multiple requirements for the new connected cybersecurity strategy. “Security now has boardroom attention. It’s no longer perceived as an overhead; it’s a business driver – so we had to act decisively,” he says.

They identified the necessity of a unified, intelligent platform that:

  • Simplifies security and lowers costs with economies of scale.
  • Collects, integrates, and analyses security data to stop modern attacks.
  • Simplifies workflows and strengthens security against sophisticated attacks.
  • Enables the configuration of granular policies that allow or deny applications by user and user group.
SOLUTION

Choosing the hamburger menu

Plantasjen swapped out its fragmented network and endpoint security platforms for the Palo Alto Networks portfolio. “We trust Palo Alto Networks,” says Fyldeng. “They understand our business and talk our language. We also like the hamburger-style menu of security technologies – we can pick between best-of-breed technologies and they all work together to safeguard our data, applications, and people.”

Palo Alto Networks PA-Series ML-Powered Next-Generation Firewalls (NGFWs) and VM-Series Virtual NextGeneration Firewalls are deployed in the two Norwegian data centres and throughout the international retail store network to safely enable applications and prevent modern threats. “The beauty of Palo Alto Networks Next-Generation Firewalls lies in their simplicity and consistency,” says Espen Gylterud, Technical Manager, Plantasjen. “Using the Panorama management console, for instance, we can centrally administer the entire network security environment. We can set up security policies and control the firewalls from one screen, and have complete visibility into any threat on the retail network.”

GlobalProtect is used with the firewalls to securely enable remote work from home, including access to Office 365 applications. “Palo Alto Networks NGFWs allow employees working from home or in retail stores to have the same high-quality user experience. The service is robust and the performance is excellent,” says Gylterud.

Cortex XDR replaces the previous endpoint security platform, introducing modern extended detection and response across more than 100 Plantasjen servers and 1,000 plus endpoints. “As a cloud-based application, Cortex XDR eliminates the need to deploy additional on-premises software or hardware. We pushed the deployment out in just one day to all the endpoints,” says Gylterud.

"The beauty of Palo Alto Networks Next-Generation Firewalls lies in their simplicity and consistency."

– Espen Gylterud

Technical Manager, Plantasjen

BENEFITS

Not a Norwegian Krone lost to Kaseya attack

The Palo Alto Networks portfolio proved its worth during the 2021 Kaseya attack. A ransomware gang had targeted managed service providers (MSPs) and their customers in a massive supply chain attack through Kaseya VSA, a remote patch management suite.

Nordic retailers were among those impacted by the attack; many paused trading to shield themselves. One leading Swedish supermarket chain, for example, shut down approximately 500 stores for six days.

Thanks to Palo Alto Networks, Plantasjen was not impacted by Kaseya. As Fyldeng explains, the cybersecurity portfolio prevented any intrusion. “We had complete visibility into the threat and switched our POS systems across to a secondary system. Owing to Palo Alto Networks NGFWs and Cortex XDR, Plantasjen did not lose a single Norwegian Krone in sales or shut down any stores during the attack.”

Fyldeng puts any potential loss of trading days into context. “We are a $450 million business. Losing even one day of trading is equivalent to more than $1 million in revenue – more so during our busy spring planting period. The Palo Alto Networks portfolio safeguarded us throughout the event.”

Besides protecting against threats and avoiding ransomware-related revenue loss, the portfolio is also increasing agility. Fyldeng explains, “Palo Alto Networks’ intelligent automation monitors the infrastructure 24x7. We’re a lean team of two security people supported by the Orange Cyberdefense managed security service. The network and endpoint security are easy to deploy and even easier to manage.”

He cites two examples. First, an employee received a text authentication message from a curious Pacific phone code. The system automatically alerted the team who were able to validate the legitimacy of the text. Second, the Palo Alto Networks portfolio also detects threats from other Plantasjen IT suppliers, even before the supplier is aware. “With Palo Alto Networks, we are always looking over the horizon to the next threat. Their platforms are proactive, automated, and simple,” says Fyldeng.

"The Palo Alto Networks team are trusted friends and partners of Plantasjen. Their experience, knowledge, and understanding of our business enables Plantasjen to cope with a constantly evolving attack surface. That way, we can continue to serve Nordic customers with a great garden experience."

– Olav Fyldeng

Chief Information Officer, Plantasjen