Leading ERP Provider TOTVS Secures Workloads and Infrastructure Across Cloud Environment with CyberArk
Customer Company Size
Large Corporate
Region
- America
Country
- Brazil
Product
- CyberArk Privileged Access Manager Solution
- CyberArk Privileged Session Manager
- CyberArk Enterprise Password Vault
Tech Stack
- REST APIs
- AWS
- Azure
Implementation Scale
- Enterprise-wide Deployment
Impact Metrics
- Cost Savings
- Productivity Improvements
- Customer Satisfaction
- Digital Expertise
Technology Category
- Cybersecurity & Privacy - Identity & Authentication Management
- Cybersecurity & Privacy - Network Security
- Cybersecurity & Privacy - Security Compliance
Applicable Industries
- Software
- Professional Service
Applicable Functions
- Business Operation
- Quality Assurance
Services
- System Integration
- Cloud Planning, Design & Implementation Services
- Cybersecurity Services
About The Customer
Brazil-based TOTVS is the #1 enterprise resource planning (ERP) provider in Brazil, and one of the largest in the world, delivering intelligent and integrated technology solutions that give customers a competitive edge. Organizations in more than 41 countries trust TOTVS to integrate and manage core business processes — from finance and HR to manufacturing and supply chain management — to drive visibility and efficiency across the business. The company has a cloud platform underpinned by public cloud providers such as AWS and its own cloud that allows TOTVS customers to run their TOTVS ERP solutions in the cloud, while delivering enhanced performance, pay-as-you-go flexibility and scalability. But running IT workloads in the cloud is not without risk. As the platform’s usage skyrocketed, TOTVS sought to increase the security of its cloud assets and services, while enforcing consistent privileged access policies across the environment.
The Challenge
As cloud vendors including AWS and Azure make clear, security in the cloud is a shared responsibility. Though these public cloud vendors take great efforts to secure the cloud infrastructure — compute, storage, etc. — their customers are fully responsible for protecting everything above the hypervisor, including the operating system, applications, data, access to external resources and other assets and infrastructure. Fully appreciating this shared responsibility model, the TOTVS Cloud security team set out to identify a security solution that could not only bolster their cyber resilience but also add value to the TOTVS Cloud by driving automation, standardization and increased efficiency. TOTVS Information Security Cloud Team conducted an in-depth technical analysis of potential solutions, ultimately selecting and deploying the market-leading CyberArk Privileged Access Manager Solution based on overall performance, resilience, health checks, high availability/disaster recovery requirements and cost.
The Solution
The TOTVS cloud infrastructure enables new virtual servers, data stores, containers and other resources to be provisioned as needed. When each new ERP resource is initiated and launched, it is assigned corresponding, privileged credentials to facilitate programmatic requests. But these privileged credentials are unsecured, creating countless new vulnerabilities across the environment. With the CyberArk solution in place, the TOTVS team began automating the once-laborious process of provisioning new instances, securing their associated credentials and secrets in CyberArk’s centralized, encrypted Enterprise Password Vault and managing them using the principles of least privilege. Leveraging REST APIs, these privileged credentials can now be retrieved on-demand by authorized users and applications without requiring human interaction. And when the infrastructure is deprovisioned, the CyberArk solution removes its privileges automatically. To further reduce the size of the attack surface and secure assets across the cloud environment, CyberArk Privileged Session Manager acts as a gateway (or jump server) to limit RDP and SSH access, segregate and harden the network, monitor sessions and produce tamper-resistant audit logs. This enables TOTVS Cloud analysts to access customer servers without ever having direct access to passwords for customer environments. The CyberArk solution has also enabled TOTVS to eliminate hard-coded and visible applications and scripts that utilize the cloud platform’s API while providing a highly secure method for integrations between applications.
Operational Impact
Quantitative Benefit
Case Study missing?
Start adding your own!
Register with your work email and create a new case study profile for your business.
Related Case Studies.
Case Study
Infosys achieves a 5–7 percent effort reduction across projects
Infosys, a global leader in consulting, technology, and outsourcing solutions, was facing significant challenges in application development and maintenance due to its distributed teams, changing business priorities and the need to stay in alignment with customer needs. The company used a mix of open source, home-grown and third-party applications to support application development projects. However, challenges resulting from distributed teams using manual processes increased as the company grew. It became more and more important for Infosys to execute its projects efficiently, so they could improve quality, reduce defects and minimize delays.
Case Study
WUN Systems Case Study
WUN Systems, a provider of an end-to-end Workspace Management Platform, wanted to offer a highly reliable and scalable VoIP service that would easily integrate into their platform. They were looking for an enterprise-grade, solid platform that would enable their customers to communicate seamlessly, whether they were working from their HQ, regional office or a remote location. WUN Systems was looking for an innovative, reliable and experienced communications vendor.
Case Study
Engine Informática offers SAP software as a service with IBM
Engine Informática, a Brazil-based company specializing in the implementation of SAP ERP solutions, identified a gap in the market for small and medium-sized companies. The company realized that the fixed infrastructure investment needed to run SAP 24/7, such as data centers, hardware, and support, meant that the per-user cost could be perceived as too high for smaller companies. The challenge was to reduce or eliminate the capital expenditures and implementation costs as much as possible to help reduce the barriers to entry for these smaller companies.
Case Study
Wittmann EDV-Systeme launches IT monitoring services
Small and medium-sized businesses often lack the know-how and resources required for thorough IT system monitoring. Wittmann EDV-Systeme wanted to launch a solution to plug the gap – enabling it to improve its own competitiveness and that of its customers. IT landscapes are becoming ever more complex and outsourcing is gaining popularity, IT systems must nonetheless remain easy-to-use and extremely reliable at all times. Automated, round-the-clock system monitoring therefore represents an immensely valuable proposition for companies: downtime for business-critical applications can be avoided, and IT systems remain available at all times.
Case Study
Delivering modern data protection with cloud scale backup from Cobalt Iron and IBM
Organizations are struggling to modernize their legacy data protection environments in the face of growing demands around new infrastructure, new applications, and budget consolidation. Virtualization and modern application development processes have significantly outgrown legacy backup architectures. In response, infrastructure teams have created multiple backup solution types to handle the varying SLAs (performance, scale, cost) required by their business sponsors. However, the sheer number and variety of solutions in this uncontrolled expansion creates huge amounts of work, threatening to overwhelm the IT team in many organizations. Today, developers may add new applications and virtual server instances by the hundreds per day without accounting for the restrictions of the existing backup infrastructure. They leverage the cloud for immediate compute and storage resources, yet rarely communicate succinctly with corporate IT to ensure that the appropriate data protection services are in place.
Case Study
IBM social business software connects and empowers employees for competitive advantage
Superior Group, a company providing workforce productivity solutions, found that its employees worldwide felt disconnected from headquarters, regional offices and each other due to outdated internal communication and collaboration tools. The company's intranet had become a top-down affair with little staff involvement, and employees lacked effective tools for anywhere/anytime communications. Those working remotely had limited access to co-workers and company apps. The main method of collaboration was inefficient email, challenging IT staff to manage a growing store of attachments. These factors inhibited the company from achieving its productivity goals.
