Trace Id is missing
December 20, 2021

Advantech chooses Microsoft to modernize network security and anchor its global Zero Trust strategy

Technology manufacturer Advantech realized it needed to match its modern workplace initiative with a more proactive IT security stance for its corporate networks and manufacturing facilities around the globe. With the help of partner Freedom Systems, Advantech identified Microsoft Security as the best option, building on existing Microsoft 365 investments and offering a broad range of connected features that are easy to deploy and operate. Advantech staff now enjoy a more secure and compliant environment that enables them to focus on their core business goals.

Advantech

“With our investments in the cloud, the expertise of our partner, and a modern security infrastructure from Microsoft, we can concentrate on our core business—that’s what is best for us and our customers.”

Jack Lin, IT Director, Advantech

Advantech is a global leader in technology manufacturing, including software and hardware solutions for IoT intelligent systems, machine automation, and embedded computing. The company’s mission is “Enabling an Intelligent Planet,” and its more than 5,000 employees generated around $1.8 billion revenue in 2020.

But until recently, the company didn’t have a dedicated IT security team. After a widely publicized threat focused attention on the security of its IT infrastructure, Advantech engaged Freedom Systems, member of the Microsoft Partner Network, to conduct a thorough review. As a result, the company assembled a new security team to oversee deployment of Microsoft Security solutions to help keep internal networks—and manufacturing facilities in Asia, Europe, the United States, and Australia—highly secure and compliant.

Security challenges in global manufacturing

Increasingly, news stories are highlighting international IT security threats, and a rapid transformation from in-person office work to remote work raised questions for Advantech IT administrators. Then in November 2020, Advantech realized that a ransomware attack on its network had put valuable information at risk. The company looked to Freedom Systems to help understand the issue, provide immediate mitigation, and help plan a more proactive security stance to reduce similar risks in the future.

Ultimately, the attack didn’t affect production, and operations quickly returned to normal. But according to Kevin Lin, IT Manager at Advantech, he and his colleagues identified a number of factors that caused immediate concern. “We had many remote business units—around 50 branch offices worldwide—and we didn’t have much visibility into our network,” he says. On this occasion, the attack affected corporate network servers and was quickly mitigated. But it raised the visibility of potential threats to factory production that could impact revenue, delay customer deliveries, involve theft of sensitive intellectual property like product designs, and even result in safety incidents. Kevin Lin notes that, “We realized we didn’t have staff dedicated to figuring out our security situation, particularly in our manufacturing plants where IT security isn’t their specialty. The attack alerted senior management that they needed to deploy operational technology security monitoring in our factory networks." 

A call to experts for advice

Freedom Systems offered to perform an analysis of the company’s infrastructure to identify potential weaknesses, particularly in light of the November attack, but also to anticipate a broad increase in the number and sophistication of future cyberthreats. A major issue, says Russell Chen, Service Consultant at Freedom Systems, was that staff had been using their own third-party solutions stemming from the shift to remote work—a process that COVID-19 had accelerated. The need to continue working effectively sometimes took priority over concerns about working as securely as possible. Chen says this led not only to increased risk, but also that the risk was largely invisible to Advantech IT administrators.

“Employees were using VPNs that are implicitly trusted when they shouldn’t have been,” Chen cites as an example, “Interconnected VPNs can originate and spread malware quickly and without detection, as happened with the attack on Advantech, which originated in Europe.” A 40-page document prepared by Freedom Systems, with input from Microsoft, outlined all the vulnerabilities that were found. The report recommended that Advantech develop a Zero Trust strategy to protect the company at multiple identified points of risk.

Something that impressed the Advantech team was that Freedom Systems didn’t endorse any specific product or solution. The partner remained neutral and focused on analysis and use case as its priority. Only then were potential solutions considered and put into trials and proof of concepts (POCs). Given the publicity that the ransomware attack had generated, many vendors that engaged with Advantech pitched products rather than solutions, but most fell short. “We needed security without affecting efficiency on the client side or requiring specialist installation and configuration by administrators,” says Kevin Lin.

Microsoft Security offered a distinct advantage in its holistic approach to services and security, says Kevin Lin. “Other solutions were a little siloed, specialized, and required individual testing—both for the product and for support,” he says. “Many didn’t adequately address operational technology requirements for manufacturing plants, and we recognized that Advantech’s environment called for a comprehensive solution like Microsoft Security, not a collection of solutions.” Besides that, Microsoft has proven expertise as designer, builder, and provider of Advantech’s modern workplace infrastructure, which made it a natural frontrunner. “Ninety-five percent of our devices are Windows-based, and no one knows Windows better than Microsoft,” Kevin Lin says. “And having the end-to-end suite with services and security working together is better for Advantech.”

A platform response for Zero Trust

Advantech adopted Microsoft Security as a platform response in its drive toward a Zero Trust strategy. “We did many POCs with many different vendors, including CrowdStrike, FireEye, you name it, but no one met our needs,” says Kevin Lin. “We wanted a comprehensive solution to create better efficiency and visibility and decided on Microsoft.”

The company made rapid progress by deploying Microsoft Defender for Endpoint to help protect devices, and it deployed Microsoft Defender for Identity for more secure user access to the corporate network. The discovery capabilities of Defender for Endpoint helped the company develop a more clear view of its complex network of locations, which will allow the organization to develop rules that will help reconfigure a corresponding collection with Microsoft Azure Firewall. “That visibility helps us set up ports in Azure Firewall to allow traffic among our factory locations, for example, opening up visibility in a highly secure way,” says Kevin Lin. “By taking advantage of Defender for Endpoint playbooks and automated rules, we can raise user and administrator productivity without compromising security.”

Advantech’s security team is now looking to further raise visibility into their IoT and operational technology (OT) risk with agentless, network-layer security provided by Microsoft Defender for IoT—including IoT/OT asset discovery, vulnerability management, and continuous threat monitoring with anomaly detection—which is currently in proof of concept trials. Kevin Lin found that most security vendors don’t support the specialized protocols and security requirements for IoT and OT devices, but with Microsoft Security solutions, Advantech was able to implement Microsoft Sentinel for SIEM/SOAR and Microsoft 365 Defender for extended detection and response, which is a big advantage. That ease of installation and administration is important to Advantech, and staff in its European offices are currently trying out Microsoft Intune—a service within Microsoft Endpoint Manager that is included in the company’s Microsoft 365 E3 licensing—to further simplify deployment and operation. “We expect Endpoint Manager and Intune in particular to be an immense help in keeping everything up to date and protected by the latest policy,” says Kevin Lin.

A staged deployment

Successful trials of these and other Microsoft 365 applications and services will result in broader deployment at Advantech. But caution is a characteristic of the manufacturing industry, in which operational continuity and safety are fundamental requirements, especially in deploying new technology. So, being able to deploy security features and associated technologies from its Microsoft 365 subscription in a staged manner, feature by feature and even location by location, is important to Advantech. “We deployed our modernized communications infrastructure carefully, piece by piece: Exchange Online, then SharePoint, and now Microsoft Teams,” says Jack Lin, IT Director at Advantech. “Because Microsoft Security is part of our platform, we can also deploy [technology] in a staged way to meet our current needs. So, we can protect data, identity, and endpoints, and we can provide a more secure Teams environment. We’re testing Intune, and we’ll also be evaluating Microsoft Sentinel to strengthen our new, centralized security operations capabilities.” Jack Lin adds that in the past few months, his team has taken advantage of opportunities provided by his investments in Microsoft Azure to raise both performance and security for web applications. “We’re using Azure Web Application Firewall to protect important websites, Azure Content Delivery Network to improve web application loading, and Azure DDoS Protection for web and e-commerce sites,” he says.

To track progress in its journey to Zero Trust, Advantech is using Microsoft Defender for Cloud to monitor its Microsoft Secure Score, a numerical assessment of the cloud infrastructure’s security posture, in which the score will increase as security recommendations are implemented, indicating a lowered risk. “Our initial score was 38 percent,” says Kevin Lin. “We’re now making progress, and Freedom Systems is helping us improve our overall security and compliance, so we expect to achieve more than 50 percent in the next few months and even more by the end of 2021.”

A forward-thinking partnership

Few organizations of Advantech’s size have been so forward-thinking in their IT infrastructures, such as its migration to the cloud and now in securing its corporate and manufacturing environments with the latest advances in cloud-based security from Microsoft. Jack Lin considers it business-critical to take such an approach to Advantech’s IT investments. “My goal is to make sure we take advantage of state-of-the-art technology to deliver the best service to our customers,” he says. “With our investments in the cloud, the expertise of our partner, and a modern security infrastructure from Microsoft, we can concentrate on our core business—that’s what is best for us and our customers.”

Find out more about Advantech on Facebook, and LinkedIn.

“We deployed our modernized communications infrastructure carefully, piece by piece: Exchange Online, then SharePoint, and now Microsoft Teams. Because Microsoft Security is part of our platform, we can also deploy [technology] in a staged way to meet our current needs.”

Jack Lin, IT Director, Advantech

Take the next step

Fuel innovation with Microsoft

Talk to an expert about custom solutions

Let us help you create customized solutions and achieve your unique business goals.

Drive results with proven solutions

Achieve more with the products and solutions that helped our customers reach their goals.

Follow Microsoft