OTTO (GmbH & Co. KG) needed an integrated security solution that could provide a safe, flexible and scalable environment for digital transformation.
To support its growing online business, the company chose the QRadar on Cloud solution, rapidly deployed with help from IBM Security Expert Labs.
When OTTO launched its catalog business 70 years ago, the entire product line consisted of 28 pairs of shoes. Since that time, the German e-commerce company has grown exponentially. It now works with 6,800 brands offering three million products and is the largest online retailer of home furnishing goods in Germany.
For decades following OTTO’s founding, its catalog business thrived. And the company quickly adapted when the rise of digital technologies in the mid-1990s made it possible to offer its goods online.
Its first foray into online retail was concentrated in a small internal department, dubbed “new media.” As e-commerce became increasingly important to the company, OTTO started migrating from its traditional static, catalog-focused back-end system to a more modern web-based system.
At the same time, customer data grew both in volume and importance to the business — along with the need to protect it. The process for investigating suspicious events was labor intensive and time consuming. The company needed a centralized way to monitor and respond to security threats across its enterprise.
To address these challenges, OTTO implemented the IBM Security QRadar Security Information and Event Management (SIEM) solution on premises. Using the QRadar solution, OTTO consolidated and analyzed security data from across the company’s IT infrastructure. A centralized dashboard provided a view of potential threats and activity and enabled security administrators to conduct analysis and take action as needed. The solution helped the company reduce the workflow of analyzing threats from several hours to a few minutes.
As OTTO’s digital transformation progressed, the company adopted a “Cloud Ready, Cloud First” strategy, and its security needs became more complex. OTTO sought a more scalable security solution to accommodate growth. It also wanted a more flexible licensing model to free the security team to focus on threat analysis, response and improvements.
Fortunately, the flexibility and scalability OTTO needed was only a transition away: the company migrated its QRadar on-premises solution to the IBM Security QRadar on Cloud platform. With the software-as-a-service (SaaS) offering, OTTO was able to take advantage of the security benefits it was already experiencing, while offloading the day-to-day operational requirements of managing the platform. With the assistance of IBM Security Expert Labs, OTTO completed the transition in three months.
“We don’t want to have to operate the QRadar environment. We just want to use it from a security analyst point of view—to do analysis and forensics,” says Robert Johns, Senior Expert Information Security at OTTO. “The SaaS capability has been very helpful in that regard, and the health of the system is better because the environment is more stable.”
The IBM Security Services team also demonstrated its value at a critical time during the migration. The OTTO security team faced a staff shortage and needed to onboard two new team members. IBM Security Services worked with OTTO to keep the implementation moving forward smoothly as the onboarding was completed.
Having advanced its security systems, OTTO can continue to innovate and move solutions to the cloud with confidence. “Prior to implementing QRadar on Cloud, operating the QRadar environment required up to 50% of our security team’s capacity,” says Johns. “Today we can invest that time in the improvement and further development of our use cases.”
It can also speed cloud adoption by taking advantage of QRadar on Cloud out-of-the-box integrations with a variety of cloud services. As a first use case, the company extended incident visibility and analysis to its online storefront, OTTO.de, and back-end systems, which it had recently moved to a cloud platform.
IBM Security Services remains involved on an ongoing basis, working closely with the OTTO security team on the QRadar implementation and providing training workshops in the process. “IBM Security Services enabled us to reduce the time for onboarding new employees from several months to a few weeks,” says Johns. “We were also able to reduce the false positive rate by 300% within half a year. IBM Security Services is a valuable partner in training people to complete tasks in parallel and eliminating the need for costly training when those people are unavailable. I have an additional ‘team member’ and at the same time a valuable trainer.”
Looking ahead, the company is taking a twofold approach to its continuing digital transformation. “With IBM QRadar for Cloud services we are prepared for both implementation approaches,” says Johns. “We can monitor all on-premises resources and can easily adopt new microservice systems in the cloud.”
“Second, next year I anticipate we will try to get more out of automation,” he continues. “We are testing technologies to automate our everyday, repeatable processes, so we can focus on addressing more impactful security challenges.”
Since its founding in 1949 as a catalog company selling shoes, OTTO (link resides outside ibm.com) has been on a trajectory of high growth. Today, it has evolved into an online retailer offering more than three million products from 6,800 brands across diverse industries, such as fashion, lifestyle and multimedia. Headquartered in Hamburg, Germany, OTTO is the largest online retailer in the country and a major e-commerce company, with customers throughout Europe. Its sales for fiscal year 2019/2020 were EUR 3.5 billion and it currently has 4,900 employees.
Legal
© Copyright IBM Corporation 2020. IBM Corporation, IBM Security, New Orchard Road, Armonk, NY 10504
Produced in the United States of America, August 2020.
IBM, the IBM logo, ibm.com, IBM Security, and QRadar are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the web at “Copyright and trademark information” at https://www.ibm.com/legal/copyright-trademark.
This document is current as of the initial date of publication and may be changed by IBM at any time. Not all offerings are available in every country in which IBM operates.
The performance data and client examples cited are presented for illustrative purposes only. Actual performance results may vary depending on specific configurations and operating conditions. THE INFORMATION IN THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING WITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements under which they are provided.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.