When your company takes prides in constantly reinventing and accelerating its transformation, that culture impacts every part of your operations. That describes the case at Spie batignolles, a leading construction company based in France with operations around the world. This focus posed a particular challenge for Sebastien Vanneuville, Information System Security Manager for Spie batignolles, as he sought to ensure the company’s engineers and consultants could do their jobs securely.
Hundreds of the company’s engineers and consultants work remotely about 50% of the time, in meetings and on site for construction projects. As is the case for any modern business, Spie batignolles equips these employees with laptops that enable them to work from anywhere. However, without the right security measures in place, these tools could be compromised and become a conduit for threats to infiltrate the company network.
As the company grew, its management team became aware of the need to ensure strong cybersecurity. Though Sebastien implemented a range of security solutions to address these concerns, he saw DNS as a weakness when it came to the company’s global security strategy. Because Spie batignolles’ ISP provided a recursive DNS resolution service that relied on third-party threat intelligence data, it didn’t provide the level of protection that the company desired. In addition, it was impossible for the security team to obtain any accurate information about its recursive DNS traffic.
“We had such little visibility that we weren’t aware of any potential security problems, and even the smallest cybersecurity event posed a risk. Also, when users were working remotely, we had no way to ensure they were protected from any potential threats. We needed a way to strengthen our security posture during those times,” explains Sebastien.
Familiar with Akamai’s reputation, Sebastien assessed the Enterprise Threat Protector solution. He was impressed by the the fact that he could quickly and easily improve Spie batignolles’ security posture using DNS without impacting performance.
Enterprise Threat Protector adds a layer of security using DNS as a control point to block malicious domains and communications for all users and devices, whether they are on or off the corporate network. Once Spie batignolles redirected its external recursive DNS traffic to Enterprise Threat Protector, all requested domains would be checked against Akamai’s real-time domain risk scoring threat intelligence. The solution is highly effective due to its up-to-the-minute threat intelligence based on Akamai’s unpreceded visibility into internet traffic, including 2.2 trillion recursive DNS requests resolved daily.
Comparing Enterprise Threat Protector to a plug-and-play solution, Sebastien found it easy to quickly configure, and he was able to easily customize an acceptable use policy. Within a very short time, the solution was deployed and protecting contractors’ and engineers’ laptops.
Previously, Spie batignolles lacked the means to set up and enforce an acceptable use policy. In addition to applying it to employees, Sebastien uses it to enforce a guest Wi-Fi policy to limit the risk of threat propagation.
Sebastien was impressed with the fact that he gained real-time insight into all outbound enterprise DNS traffic, threats, and acceptable use policy events via an easy-to-use dashboard. “We can quickly understand why Akamai has added a domain or URL to its threat intelligence lists,” says Sebastien.
Because Akamai provides up-to-date, relevant information, Sebastien is better positioned to improve his company’s security posture. As he explains, "Previously we couldn’t even tell which users were looking at what domains. We see far more detail with Akamai Enterprise Threat Protector, and are far more comfortable and confident about the security of our laptop users when they are off-network."
The impact of Enterprise Threat Protector is felt in other ways. "Enterprise Threat Protector can handle the work that multiple people on my team used to perform. In fact, we consider it part of our security team. Now that we no longer need to worry about DNS security, we can refocus our efforts on other priorities," concludes Sebastien.
Spie batignolles is a major player in the building, infrastructure, and services industry. It operates on six major areas of expertise: construction, civil engineering and foundations, energy, public works, real estate, and concessions. Spie batignolles’ iconic projects include the renovation of the Maison de la Radio; the research center EDF Saclay; ITER; the Palais des Congrès du Havre; the motorways A10, A9, and A466; the MGEN Institute of La Verrière; the TGI of Strasbourg; the Lyon-Turin rail link; and the works undertaken in the framework of Greater Paris. The group also carries out local interventions, maintenance, and care on the entire nation via a network of dedicated agencies. Spie batignolles is positioning itself in its markets as a leader in the “customer relationship” and is developing a policy of differentiating partnership offers. The group achieved a turnover of 2 billion euros in 2018, has 7,500 employees, and has 170 offices in France and nine abroad, including in Europe, the Middle East, and Africa. Spie batignolles has given itself the means to conduct its development independently. Since September 2003, the group is mainly controlled by its managers and employees. www.spiebatignolles.fr