OTTO (GmbH & Co. KG) needed an integrated security solution that could provide a safe, flexible and scalable environment for digital transformation.
Decreases event analysis time from hours to minuteswith centralized control of threat management
Achieves ~300% reductionin the false positive rate within six months
Cuts down onboarding time from months to weekswith training and support from IBM Security Expert Labs
Business challenge story
In search of flexible, scalable security
When OTTO launched its catalog business 70 years ago, the entire product line consisted of 28 pairs of shoes. Since that time, the German e-commerce company has grown exponentially. It now works with 6,800 brands offering three million products and is the largest online retailer of home furnishing goods in Germany.
For decades following OTTO’s founding, its catalog business thrived. And the company quickly adapted when the rise of digital technologies in the mid-1990s made it possible to offer its goods online.
Its first foray into online retail was concentrated in a small internal department, dubbed “new media.” As e-commerce became increasingly important to the company, OTTO started migrating from its traditional static, catalog-focused back-end system to a more modern web-based system.
At the same time, customer data grew both in volume and importance to the business — along with the need to protect it. The process for investigating suspicious events was labor intensive and time consuming. The company needed a centralized way to monitor and respond to security threats across its enterprise.
To address these challenges, OTTO implemented the IBM Security QRadar Security Information and Event Management (SIEM) solution on premises. Using the QRadar solution, OTTO consolidated and analyzed security data from across the company’s IT infrastructure. A centralized dashboard provided a view of potential threats and activity and enabled security administrators to conduct analysis and take action as needed. The solution helped the company reduce the workflow of analyzing threats from several hours to a few minutes.
As OTTO’s digital transformation progressed, the company adopted a “Cloud Ready, Cloud First” strategy, and its security needs became more complex. OTTO sought a more scalable security solution to accommodate growth. It also wanted a more flexible licensing model to free the security team to focus on threat analysis, response and improvements.
Fortunately, the flexibility and scalability OTTO needed was only a transition away: the company migrated its QRadar on-premises solution to the IBM Security QRadar on Cloud platform. With the software-as-a-service (SaaS) offering, OTTO was able to take advantage of the security benefits it was already experiencing, while offloading the day-to-day operational requirements of managing the platform. With the assistance of IBM Security Expert Labs, OTTO completed the transition in three months.
“We don’t want to have to operate the QRadar environment. We just want to use it from a security analyst point of view — to do analysis and forensics,” says Robert Johns, Senior Expert Information Security at OTTO. “The SaaS capability has been very helpful in that regard, and the health of the system is better because the environment is more stable.”
The IBM Security Services team also demonstrated its value at a critical time during the migration. The OTTO security team faced a staff shortage and needed to onboard two new team members. IBM Security Services worked with OTTO to keep the implementation moving forward smoothly as the onboarding was completed.
Out with the old, in with the cloud
Having advanced its security systems, OTTO can continue to innovate and move solutions to the cloud with confidence. “Prior to implementing QRadar on Cloud, operating the QRadar environment required up to 50% of our security team’s capacity,” says Johns. “Today we can invest that time in the improvement and further development of our use cases.”
It can also speed cloud adoption by taking advantage of QRadar on Cloud out-of-the-box integrations with a variety of cloud services. As a first use case, the company extended incident visibility and analysis to its online storefront, OTTO.de, and back-end systems, which it had recently moved to a cloud platform.
IBM Security Services remains involved on an ongoing basis, working closely with the OTTO security team on the QRadar implementation and providing training workshops in the process. “IBM Security Services enabled us to reduce the time for onboarding new employees from several months to a few weeks,” says Johns. “We were also able to reduce the false positive rate by 300% within half a year. IBM Security Services is a valuable partner in training people to complete tasks in parallel and eliminating the need for costly training when those people are unavailable. I have an additional ‘team member’ and at the same time a valuable trainer.”
Looking ahead, the company is taking a twofold approach to its continuing digital transformation. “With IBM QRadar for Cloud services we are prepared for both implementation approaches,” says Johns. “We can monitor all on-premises resources and can easily adopt new microservice systems in the cloud.”
“Second, next year I anticipate we will try to get more out of automation,” he continues. “We are testing technologies to automate our everyday, repeatable processes, so we can focus on addressing more impactful security challenges.”
About OTTO (GmbH & Co. KG)
Since its founding in 1949 as a catalog company selling shoes, OTTO has been on a trajectory of high growth. Today, it has evolved into an online retailer offering more than three million products from 6,800 brands across diverse industries, such as fashion, lifestyle and multimedia. Headquartered in Hamburg, Germany, OTTO is the largest online retailer in the country and a major e-commerce company, with customers throughout Europe. Its sales for fiscal year 2019/2020 were EUR 3.5 billion and it currently has 4,900 employees.
Take the Next Step
To learn more about the IBM solutions featured in this story, please contact your IBM representative or IBM Business Partner