OVERVIEW

Santalucía is the parent company of the Santalucía Group, an independent insurance holding company in Spain and Latin America with almost 100 years of experience in household insurance. With more than 7 million customers, Santalucía has gained a solid reputation thanks to their team of 17,000+ experienced professionals and their complete offering of quality products. The company has a wide distribution network composed of over 385 agencies and about 400 channels, plus a website for direct selling.

CHALLENGES

Although their main market is in Spain, Santalucía Group is expanding to Portugal, Colombia, Mexico, and Argentina. In addition, the firm is committed to the diversification of business lines, evolving towards a general insurance company with a presence in all branches of insurance. In return, Santalucía has to generate and manage a huge volume of confidential and highly sensitive customer data and must comply with the General Data Protection Regulation (GDPR). This has raised the need for them to review their security policies, adapt to the new conditions created by a fully connected and digitized environment, and be prepared to respond to a potential attack.

To do this, they had to homogenize their solutions and gain 360-degree visibility across everything that happens in the Group. Santalucía needed to shield their data center from possible attacks and data breaches. This lead Santalucía’s IT team to secure the 800 servers that make up the Group‘s data center; a mixed environment that combined both physical and virtual servers and where Linux®, Microsoft Windows, and VMware technologies coexisted.

“When you tend to have everything connected, the unification of solutions is critical, that‘s why we decided to renew our security solutions,” explains one of Santalucía’s IT team members. “Identifying vulnerabilities and being able to react and apply the appropriate patches before they could be exploited, stopping potential zero-day attacks—it was our biggest challenge to be able to guard the confidential data with full guarantees.”

WHY TREND

After assessing different options, Santalucía decided to implement Trend Micro’s proposal. The distinctive feature of Trend Micro is that its solutions are able to talk and correlate with each other, providing incident detection and response, constant visibility and control over all layers of the infrastructure, and the introduction of virtual patches to keep systems and applications up to date. The use of artificial intelligence (AI) and machine learning allows Trend Micro to analyze behaviors and comprehensive network controls to offer protection even before vendor patches are deployed or before other challenges arise that may delay the application of such patches. Trend Micro solutions, powered by XGen™ security, gave Santalucía a way to combat attacks by reducing the exposure window via the use of sandbox and virtual patch technologies.

SOLUTION

To guarantee the security and availability of the information of their CPD, Santalucía has relied on Trend Micro Deep Security anti-malware and virtual patching features, preventing countless software vulnerabilities, data theft, security breaches, and other attacks. “Now Santalucía has a timely complement to traditional patching processes that allows us to save time and resources, as Trend Micro virtual patches are applied automatically. What used to be monthly tasks, we now have to do only two times a year”, affirms Santalucía’s IT team.

Santalucía has seen the decrease in interruptions and has retained greater control over patch programming with full protection for all endpoints and servers—regardless of whether they are hosted on-premises, virtually, or in the cloud. Email and endpoint protection are covered with Trend Micro Smart Protection Complete, which provides a set of connected and multilayer security capabilities that protect users on or off-site, with Trend Micro Mobile Security deployed to protect 3,500 tablets in the commercial area. Thanks to all this, the Group has more intelligent and modern security with 360 visibility and centralized control, and is ready to respond to advanced threats. Most importantly, Trend Micro has helped eliminate the complexity and security gaps associated with the use of different solutions.

In addition, Trend Micro Deep Discovery Analyzer was installed, providing expanded sandboxing technology to detect and analyze targeted attacks, multi-stage downloads, URL, C&C, and more, within a totally closed and isolated environment.

RESULTS

Thanks to Trend Micro, Santalucía has launched an integrated and flexible security ecosystem that simplifies analysis and security event management. “We are ready to take on the additional operational challenges associated with virtualization or the deployment of other infrastructure safely and always complying with the legal framework. Our initial challenges have been solved with a set of solutions that interact with each other,” says a Santalucía IT expert.

Santalucía has kept its philosophy of growth, diversification, expansion, and quality without sacrificing innovation, thanks to a modern and intelligent security strategy that revolves around connectivity and real-time responsiveness. In addition, Santalucía’s IT teams are able to focus on their day-to-day without having to worry about downloading, testing, and deploying patches for all known and unknown critical vulnerabilities, eliminating downtime and extra costs.

WHAT'S NEXT

In order to continue protecting Santalucía’s infrastructure, Trend Micro is working on secure the Group’s environment from data leakage. To do this, they are testing data loss prevention and encryption technologies, both integrated within Trend Micro Apex One and Trend Micro Deep Discovery Inspector.