ÖAMTC – FireEye/IKARUS Security Software

An IKARUS success story.

ÖAMTC: automobile club with over 2.3 million members

As Austria’s largest automobile club, ÖAMTC focuses on providing services for almost 2.3 million members. The club is the contact point for all questions relating to driving – both in everyday life as well as emergency situations – and it promotes the interests of its members. The ÖAMTC operates 115 bases, eight driving technology centres and 17 emergency medical helicopter locations throughout Austria. In 2019, the mobile breakdown service recorded almost 680,000 call-outs, the Schutzer emergency service helped more than 60,000 people in emergency situations at home and abroad, and Christophorus emergency rescue helicopters took off more than 18,900 times to save lives. In total, around 115,000 people completed training courses at the driving technology centres, where almost 4,000 employees are committed to supporting people and driving. In terms of IT, approximately 5,000 endpoints are used, with the majority of employees working on terminal servers, i.e. shared systems. One of the most important things for the ÖAMTC is ensuring that their endpoint solutions save resources, are platform-independent, can be combined with a network-based solution, and can talk to a platform such as FireEye Helix.

Complex IT challenges

The ÖAMTC is a very diverse association. Apart from the breakdown service, which is classically associated with the automobile club, it also encompasses many other areas such as air rescue, driving technique centres, insurance services, damage assessment, and even the Austrian camping club. These departments naturally have very different requirements in terms of their IT infrastructure, which means that all the different circumstances and possibilities have to be taken into account. Nevertheless, it is important to establish clear minimum standards within a common framework and to monitor them. IT systems for core services – such as the breakdown service, operations and deployment control, and the administration of the entire membership – are provided centrally, in addition to local IT infrastructure in the regional associations.

Christoph Pertl – IT Security Officer – ÖAMTC

Extensive IT security tasks

The tasks relating to IT security are divided into project-related and daily business. A typical task for the operational area is evaluating security incidents that arrive via various systems. In most cases, these are not too problematic and many things are automated. In respect of the business side of things, most of the work is consulting services for specialist departments. The ÖAMTC also offers a number of modern services and relies on digitization: “Innovation and security must complement each other here, without creating the perception that IT security is a hindrance,” reports Christoph Pertl, based on his own practical experience.

As a result of the many available online services and the website, which regularly ranks among the top 15 most visited in Austria, as well as the high level of awareness surrounding the ÖAMTC brand, there is “background chatter” in the IT security sector. Christoph Pertl: “As with many companies, the main gateway into the company is e-mails that have dangerous attachments and links. We have been exposed to both phishing and direct attacks containing malicious code.”

The ÖAMTC attaches a great deal of importance to the training of its employees: “Every employee goes through a step-by-step programme that starts with the onboarding procedure and continues with awareness training, e-learning and targeted training for specialist departments, such as human resources or finance.” Targeted attacks are rare, but “our absolute asset is the member data. For us, the great feeling we get from being at the club naturally also includes the safe and conscientious way in which we handle the data entrusted to us and protect it in the best possible way,” explained Christoph Pertl.

Desire for increased transparency and visibility

The general objective in the ÖAMTC IT Security sector was to improve options based around response and visibility, even if the preventive approach used so far has worked satisfactorily. “That’s why I have long tried to bring together the possibility of a response and the topics of SIEM and services, which could be used as a basis to be built around, as well as looking to the possibility of a response and searching on the market for solutions”, said Christoph Pertl about his mission to find a suitable solution. However, classic SIEM (Security Information and Event Management) solutions have proven to be overkill for an association like the ÖAMTC. Many systems on the market offer services that include alerts, but no response. Ultimately, he found the advantages of FireEye’s portfolio of endpoint security, network security and the Helix security platform to be impressive: “In the end, the decision was made, knowing that the comprehensive know-how of the internationally active group FireEye was combined with IKARUS as a regional partner for implementation and service”, summarises Christoph Pertl. The idea of using an Austrian company in the security environment as part of the overall concept was viewed positively, especially since there are regional differences compared to the larger global world. Christoph Pertl describes his idea from a philosophical point of view:

“From an IT security point of view, the available environment should meet modern requirements for innovation, flexibility and stability. This only works if you can see what is happening so that you can take targeted measures. In terms of a purely preventative approach, I have to block what is dangerous, but if I invest in visibility, I can allow more, take a closer look, and therefore maintain control”.

With FireEye, you know that you have an international company behind you, which is equipped full of resources if necessary. We also find that cooperating with the IKARUS Service is very positive and reassuring because of their availability and flexibility. “To be able to have a direct contact person just a few hundred metres away, if necessary, is great”, explains Christoph Pertl.

Initial experience

“Recently, we did actually have an incident. Through a previously used endpoint security solution that was planned to coexist and be in use, we analysed a file and received a warning that a Trojan was detected. Before the new solution was in place, we would have totally believed that the incident existed and manually tried to find out from other log sources where it came from. We wouldn’t have known if any damage had been done before and what that damage might have been. We would have had to manually scan affected systems using additional engines, and look at network log files to check whether connections to the outside world had taken place etc. This would have taken a long time and the result probably wouldn’t have been good. As it was, some of the systems already had the FireEye Endpoint Client installed and so we were able to tell exactly whether any register keys were changed or processes were streamlined, and we quickly found out that there weren’t any issues,” reported a very happy Christoph Pertl.

Future plans

“It will be exciting,” concludes Christoph Pertl. “A lot has been invested in the last few years. Now all companies have to make savings depending on their situation, but especially given the current situation, we are hugely dependent on IT infrastructures. Otherwise, if you think about it, the ‘home office’ scenario wouldn’t have worked out so well.” Due to the current crisis, it is impossible to predict whether digitization will continue as rapidly after the crisis as it did before. But what is certain is that the security of data, devices and production systems is more relevant than ever.

ÖAMTC

Solution:
FireEye Endpoint Security, FireEye Network Security, FireEye Helix

Founding: 1946

Number of members: 2.106.672

www.oeamtc.at

Further IKARUS success stories

EGLO

"In the event of an incident, every minute counts. The sooner you can get started with targeted measures, the better," Peter Lechner recalls the situation at the time: "Already on the first day after the attack at night, there was a professionally organised crisis meeting with the experts from IKARUS and Mandiant, and we didn't have to wait two or three days for something to happen."

KSV1870 – Austria's leading Creditor Protection Association

“When making the selection decision, it was particularly important for us to find a partner who is ideally located in geographical proximity, has many years of expert know-how and has a globally active partner in the backend. After extensive evaluation, the decision was finally made in favour of XY”, says Thomas Hämmerle.

A1 Digital – An IKARUS success story.

"In our search for a suitable partner for the essential topic of cyber security, we quickly came across IKARUS Security Software. The already proven cooperation with A1 turned out to be the ideal basis for the desired security platform," Thomas Snor, Director Security at A1 Digital, describes the first steps.

SeneCura

"The challenges for the IT infrastructure are complex because round-the-clock operation is necessary in care. Also the requirements for availability are high."

Saubermacher

The partnerships with Nozomi Networks, the technology leader in IT/OT security, and Trellix (formerly FireEye) in collaboration with Mandiant, the market leader in threat intelligence and incident response, combined with the overall know-how and local support of IKARUS, results in a well-rounded total package.

DerMann

"With IKARUS mail.security with ATP, DerMann has a solution that recognizes and blocks spam, malware, dangerous URLs and harmful attachments before they can penetrate the system and cause damage."

Linz University of the Arts

“What counts for us is reaction speed, little effort on our part and the best possible output. It is not the cheapest bidder that gets a chance with us, but the best bidder: We value the professionalism, availability and problem-free communication with the IKARUS team!”

Securepoint

Securepoint is the German market leader in developing professional Unified Threat Management solutions (solutions combining different security tasks on one platform) and the most significant global manufacturer in the cloud sector.

Merkur Versicherung takes a bold step into the future

“We know each other by now and we appreciate the professional cooperation.” Robert Picher, Head of IT at Merkur Versicherung

Suzuki Austria

“We are using Mobile Device Management for the first time and quality, reliability and security are particularly important to us," says Gerhard Eber, ICT Manager at SUZUKI AUSTRIA.

Motormobil

“Due to the many systems running in parallel, permanent monitoring of the entire chain is a priority to be able to react quickly if something is not running correctly!” Gerhard Lochner, IT Manager of Motormobil

WITTMANN Group

“IKARUS Security Software reacts extremely quickly to local threats and has thus already saved us from countless attacks – it is a fixed component of our security concept”. Ing. Janusz Russocki, Head of IT at WITTMANN Group

OPSWAT: Simultaneous Anti-Malware-Engines

“Since the partnership started, we were continually very happy with the IKARUS scan.engine”, Vinh Lam, OPSWAT's Senior Software Engineer

Lower Austria Regional School Board

Helmut Neumayr, MSc, specialist in the area of information technology for the LSR NÖ, is convinced of the overall solution: “The total costs per school could be reduced despite the higher quality, while at the same time reducing complexity and improving support.“

STEYR ARMS

"We use a multi-level technical security concept and rely on the awareness of our colleagues," explains Walter Hölblinger, CIO at STEYR ARMS

Egger Glas Insulating and Safety Glass Production

“Our most important criterion for email traffic was a reliable and proven sandbox solution that checks and filters all emails before they reach our mail server.” Bernhard Posch, Head of IT at Egger Glas GmbH

Cumulo – nimbusec website security monitor

“With IKARUS we have a clear benefit for nimbusec and we benefit also from the long experience of the Austrian company”, says Dipl.-Ing. Marin Leonhartsberger, CEO of Cumulo GmbH.

Computertechnik Wenger & Partner

"IKARUS Security Software covers all our needs in this area and makes this task extremely easy for us with one contact person for all questions!” Michael Haitzmann, managing director Computertechnik Wenger & Partner OG

Citycom

"With IKARUS I know that they tick in the same way, speak the same language and think as we do." Günter Großschädl, Head of IT Operations

Bad Radkersburg

Andreas Puntigam, IT manager of the municipality of Bad Radkersburg, knows that an operational 24/7 support can only be achieved with reliable partners: "Externally, we rely on one partner for the entire server landscape, for example, as well as for the firewall." The municipality of Bad Radkersburg has been working with the leading Austrian provider IKARUS Security Software on the important issue of IT security since 2010.

A1 Telekom

“IKARUS Security Software provides high-quality security solutions which have been customized for our specific needs. The company staff are a group of highly trained and diligent experts which have an excellent communication style. They are punctual, responsive and highly skilled in terms of technical support which makes our day to day operations and interactions with our end customers much easier.” Thomas Schmidt, MBA MSc, A1 Security Services, A1 Telekom Austria AG

Triburg Freight Services

“We were impressed by the fast reaction times and the communication style with CLOUDMIND and IKARUS”, says Madhu Kurup, IT-Administrator at TFS
