There are many new challenges within the industrial sector, including the combination of "traditional" office automation (IT) and the infrastructure of the production environment (OT). It is difficult for most organizations, and IT teams to deal with these strictly separated environments. In mid-2018, the Dutch company Alkion Terminals faced this very problem and required a product that offered insight into their security status.
From 0 to 10
While supplying and distributing petroleum products and chemicals to end consumers, Alkion combines the tank storage industry and practical operational expertise to operate and optimize liquid bulk terminals. Operating a network of oil and chemical terminals. Alkion plays a primary role in the European downstream value chain, currently operating ten terminals at various locations in Europe.
"At the start of 2017, we immediately went from 0 to 10 terminals. This expansion had a huge impact on us. Especially since we didn't know what we would find at the different locations, and at the time, inventorying the assets in the various countries and getting to know the security status had a high priority." Says Patrick Mast, IT Director at Alkion.
Successful Proof of Concept
Starting off relatively unfamiliar with vulnerability management, Alkion researched and decided to test two products. To compare the products correctly, Alkion entered a Proof of Concept (PoC) phase. During the PoC, Alkion tested the Holm Security VMP thoroughly within an agreed six-week period to fully understand their IT environment.
"Alkion's IT environment consists of standard office equipment, including Windows equipment. Our terminals are equipped with PLCs, and we wanted to know how they would respond to scans. We asked the supplier of these PLCs to facilitate a test setup at one of the locations to prevent scans from interfering with the core activities of the terminals," says Patrick Mast.
Country Manager Benelux at Holm Security, Jan Willem Plokkaar, adds:
"Normally, we use 3-4 weeks for the PoC, as this gives plenty of time to experience the platform and our services. In this case, we chose to expand this to be able to test the PLC set up properly and to learn from such environments".
A partnership in mind
"We're immediately convinced by how Holm Security handled the PoC. They were eager to help us, running the PoC free of charge and facilitating full support during the period. A technical specialist helped explain the scanning results during the weekly evaluation sessions, immediately resolving any feedback or hick-ups. That phase gave us the confidence that Holm Security listened to us and was there for us. Also, facilitating a PoC free of charge shows that they trust their technology and support".
Jan Willem adds: "We see a PoC not only as a test for the customer but also for ourselves. A combined office and operational environment are challenging. We wanted to contribute to our learning capacity. It fits in with the partnership we have in mind".
Human-centric company
The successful PoC eventually switched to a contractual partnership. Characteristic of the cooperation between both parties is the systematic follow-up sessions and the platform updates. Recently, various updates have provided Alkion with even greater insight.
Patrick Mast concludes:
"Holm Security has helped us immensely with our challenges. We now know what is running within our terminals and their individual security status, providing us with a starting point for further optimizing our IT. I'm amazed at how human-centric Holm Security is; regardless if it's an email or ticket, I'm always the priority."
Global
Belgium
Denmark
Finland
Germany
India
Malaysia
Netherlands
Norway
Sweden
United Kingdom
