Brooks Makes Strides in Security Strategy With Illumio

Quickly shrinking its attack surface and reducing risk from ransomware

Summary

Industry: Insurance

Environment:

Challenge: Minimize risk by understanding traffic flows and limiting user-to-server interactions

Solution: Illumio Core

Results: Full understanding of traffic across hybrid, multi-cloud environments.
Simple, fast security controls to protect critical servers.
Ability to visualize risk and the impact of new or changed rules

Business Goals

Brooks is all about making sure customers can “Run Happy.” The retailer’s ultimate goal is to make each run better than the last. And it’s primed to deliver.

A subsidiary of Berkshire Hathaway, Brooks entered the billion-dollar brand club in 2021, claiming a top spot in the performance running market.

But the business also faces the stark reality that ransomware is running rampant. Modern retail networks represent an expanding attack surface, making retail brands a prime target. An attack could cause major operational and reputational damage.

Brooks must ensure its systems that allow customers and retail clients to procure products run happy — securely.

“Our highest security priority is to minimize risk for the business,” explains Ryan Fried, Senior Security Engineer at Brooks. “Being in the retail and e-commerce space, strengthening controls against ransomware is at the center of almost everything we do.”

Technology Challenges

Fried identified the need for microsegmentation to bolster ransomware resilience and mitigate the risks of a largely flat network.

The first order of business would be to lock down unauthorized access to servers.

“With an IT team of fewer than 100 people worldwide, 99 percent of users don’t need to access servers,” says Fried. “If a user is infected by ransomware, we need to ensure the attack won’t spread to servers and affect availability and operations.”

Ease of use and efficiency are essentials for any new measure the five-member security team implements. Network-based segmentation using existing firewalls would be rife with complexity and limitations and put the operational onus on Brooks’ sole network engineer.

How Illumio Helped

Based on past experience using Illumio Core, Fried knew it was a perfect fit for Brooks. Illumio simplifies segmentation, empowering the whole team to use the product, regardless of role. This speeds progress towards the ultimate goal of reducing risk.

“With Illumio, it’s incredibly easy to take a data-driven approach to microsegmentation,” Fried says. “We can monitor flows in and out of servers, and those insights help us design a more effective security strategy. Being able to visually test the impact of our strategy has been a game changer for us.”

Brooks has quickly shrunk its potential attack surface thanks to Illumio’s flexible options for enforcing segmentation.

By selectively applying deny rules for all but essential user-to-server traffic, the retailer gained fast protection of hundreds of Windows servers.

This method buys Fried and team time to progress towards the Zero Trust standard for allow-listing. It also gives them proactive protection against ransomware, with the ability to instantly block common pathways, such as Remote Desktop Protocol (RDP), to critical servers.

Results & Benefits

Brooks is currently months ahead of its forecasted timeline for the initial phase of implementation.

"We’ve moved much faster than we thought we would,” Fried says. “Illumio has allowed us to safely and efficiently execute our plans with zero application downtime or user impact.”

The team realizes ongoing benefits from:

  • Improved alerting: Brooks integrates Illumio’s traffic data with its SIEM platform, allowing them to create alerts based on blocked traffic and respond rapidly.
  • Exceptional ease of use: In keeping with the company’s “Run Happy” spirit, multiple people are happy Illumio Core users, a testament to its ease of use.
  • Faster risk insights: The team can quickly analyze historical traffic flows for a deeper understanding of connectivity and risks, helping them prioritize security decisions. 
  • Confidence in resilience: By gaining a holistic view of its hybrid, multi-cloud environment, Brooks can more confidently respond to a system going down or defend against a cyberattack.