In brief
Convenience store chain
Retail
United States
In recent years, a large, U.S.-based convenience store chain with over 1,000 stores has pursued an ambitious modernization plan to improve customer service and consistency across the chain. That has included replacing point of sale (POS) systems, expanding use of SaaS applications in Azure to utilize in-store data more meaningfully, and launching a loyalty program with personalized offers and rewards.
However, the company’s security infrastructure needed updating: Its SD-WAN solution was inefficient, and inconsistent in-store security created gaps in visibility.
The company’s new chief information security officer saw the need to establish a consistent in-store firewall solution across the chain and improve service edge security. The company’s IT leaders chose Palo Alto Networks as their trusted partner to meet these needs and ensure that security is baked into ongoing modernization initiatives.
CHALLENGE
Over time, as the convenience store chain grew through acquisitions and by opening new stores, its in-store security infrastructure became a patchwork of solutions. Many stores employed consumer-grade security software solutions, and numerous stores had no in-store security at all.
“The existing network security product provided no visibility into the in-store systems,” a Palo Alto Networks sales executive explains, “and because it was managed by a third-party vendor, the IT team had no control.”
In addition, the company’s SD-WAN solution was cumbersome and costly. The SD-WAN’s data landed with the thirdparty vendor that provided network security, making access to data difficult. As the company moved more of its data and applications to the cloud, these access issues added complexity and negatively impacted network performance.
REQUIREMENTS
To meet these challenges, the company set out to simultaneously improve in-store security and adopt a better solution for security at the edge. The urgency of modernization initiatives across the chain drove these improvements, which became closely linked as they progressed.
For in-store security, the company’s priorities were:
For the SD-WAN replacement project, the company needed to:
SOLUTION
Before initiating the in-store firewall project, the chain relied on Palo Alto Networks for firewalls in its data center and corporate locations. The opportunity to unify a comprehensive solution by using integrated firewalls in the stores—along with gaining superior performance—made Palo Alto Networks Next-Generation Firewalls (NGFWs) the natural choice. The company also replaced its managed data center provider with Prisma Access.
Using NGFWs in its stores allowed the company to standardize in-store security across its expansive and geographically diverse footprint. It also provided the comprehensive visibility the IT team needed to ensure that all in-store systems were working properly. Along with the NGFWs, the company deployed cloud-delivered security tools, including Advanced Threat Protection, Advanced URL Filtering, WildFire®, and DNS Security.
BENEFITS
By selecting Palo Alto Networks to improve in-store and service edge security, the company added to the NGFWs already in its data centers. Deploying NGFWs for in-store security created a unified strategy across all its locations, with Prisma Access securely connecting every store to the company’s network, data centers, and Azure environment.
With Prisma Access configured with direct tunnels into the data center, overall network performance was improved, and costs were reduced by eliminating the managed data center provider. This also simplified access for all users while improving availability of data to SaaS applications.
Moving toward a unified, platform-based approach enabled the IT team to simplify security management and gain greater control over policies, investigation and response, and management of security data. Rather than relying on a third-party vendor, the team can now maintain network and service edge security with a single interface, making security operations more agile and responsive. By eliminating the legacy vendor, the company realized cost savings of over $2 million per year.
“Now, data is available to applications and users anywhere on the network directly from stores,” the sales executive says. “And it’s secure, whether it’s coming from the stores, in the data center or cloud, or is in motion on the network.”
The company’s security posture has improved significantly. With NGFWs and cloud-delivered security services, the company can maintain comprehensive visibility into every store while reducing response time through automated threat prevention, detection, and response. Prisma Access aligns security goals with modernization, allowing data to move from stores directly into the data center while remaining secure.
Working with Palo Alto Networks has helped the company create the strong security posture it needs to pursue its modernization initiatives with confidence. Instead of an inconsistent patchwork, it has created a unified approach to security, from data centers to the cloud to thousands of stores.
Since it deployed NGFWs and Prisma Access, the company continues to work with Palo Alto Networks to meet the emerging security challenges of ongoing modernization, such as deploying Cortex XDR for endpoint security and segmenting IoT devices to protect the network.
In the future, as the company moves away from hardware and toward greater virtualization, it will look to Palo Alto Networks as a trusted partner to keep it secure.
Find out more about how Palo Alto Networks’ best-in-class solutions can improve networking and security for your organization. Additional information is here.