Industrial Engineering Leader Aims to Protect Data
People-centric Security Helps Control Risk of Data Loss
- Protect data and intellectual property against attacks
- Master access management and information sharing in different environments, including Microsoft Office 365
- Support employees with best practices and security solutions
- Proofpoint Email Protection
- Proofpoint Targeted Attack Protection (TAP)
- Proofpoint Threat Response Auto-Pull (TRAP)
- Proofpoint Internal Mail Defense (IMD)
- Proofpoint Cloud App Security Broker (CASB)
- Proofpoint Security Awareness Training (PSAT)
- Protected against 95% of phishing attacks and malware infections in Office 365 in one year
- Enhanced visibility into account compromise risks through alerts and analysis dashboards
- Reduced time spent searching for, understanding, and neutralizing active threats
- Controlled costs
In 2019, Fives achieved a turnover of 1.99 billion euros. And it employed nearly 8,400 people across 80 companies in some 30 countries.
Supporting global industry leaders at every stage of their production cycle requires solutions to prevent identity theft and data loss to protect industrial and intellectual property. As massive ransomware attacks began to hit the world, Fives realized it needed to strengthen the security of its Office 365 messaging system. It also needed to support its employees with security best practices.
Attackers use social engineering techniques to get employees to open a fraudulent attachment or click on a malicious link. And there’s a constant evolution of threats in work environments, which includes an increase in malicious URLs. This has accelerated the organization’s commitment to implement a truly people-centric defense strategy.
“The legacy solution we were using to protect our messaging was not working to our satisfaction. Following several peer recommendations, we decided to conduct a proof of concept with Proofpoint to compare the performance of the two solutions,” explains Kélig Dugué, director of cybersecurity at Fives.
The proof of concept for Proofpoint Cloud App Security Broker (CASB) was decisive. “We quickly realized the full potential of this solution. Its ability to give us visibility into users and data, generate alerts and navigate in analytics dashboards, convinced us. We were particularly fond of its user interface,” explains Kélig Dugué.
Tailor-made project management
The project gained momentum and took on a new dimension when Fives decided to federate the company’s intranet with Office 365. The transition from an application-based intranet to a collaborative solution, a Digital Workplace, had to be done without compromising security. In fact, it had to improve security while simplifying the user experience by reducing the number of required passwords.
A new proof of concept was then launched with Proofpoint CASB and Ilex Sign&Go. This was to ensure that the authentication environment had the right configuration. Proofpoint was the leader on this project and highlighted its flexibility, responsiveness and ability to quickly deploy its solution in complex environments. It took less than five months to complete the Fives Digital Workplace federation project.
A stronger last line of defense
In addition to its infrastructure protection, it’s a key mission of the Fives security team to support employees in implementing good security practices.
Fives recognized that a security-conscious employee can be the last line of defense against an attack. The company deployed Proofpoint Security Awareness Training (PSAT), which simulates phishing attacks and encourages its users to play a key role in identifying and blocking these attacks. Employees can simply click on a button to report suspicious messages. With these comprehensive features, Fives puts people at the heart of its security strategy. This helps to reduce the exposure to threats and effectively protects against attacks.
With Proofpoint, the entire risk management process is optimized. There’s faster identification of potential account compromises, enabling instant, accurate reporting to the monitoring team. They can then make informed decisions quickly, such as changing a password, revoking OAuth tokens and more. And now it only takes a few minutes from detection to neutralization of active threats.