ESET Resource Center

Healthy cybersecurity for a healthy business

As a major force in the pharmaceutical sector, Kohlpharma demands best-in-class cybersecurity solutions. To ensure that medication is available to patients promptly and at a reasonable price, Kohlpharma’s operations depend on perfect logistics and rock-solid security management, delivered by ESET.


A complex IT security solution must work properly and yet be easy to use. ESET masters this balance in an
exemplary manner.

Stefan Pistorius
EDP and Administration Manager, Kohlpharma


 

THE CYBERSECURITY CHALLENGE

Kohlpharma was looking for a new IT cybersecurity solution to meet the requirements of CRITIS. Kohlpharma also leads in implementing full automation and industry 4.0 in Germany. Many of its crucial work processes have already been partially or fully automated. Such systems are potential targets of cybersecurity attacks and require complex security management. Therefore, Kohlpharma was looking for an innovative cybersecurity solution that would include not only the best malware protection, but also an endpoint detection and response (EDR) solution.

 

THE CYBERSECURITY SEARCH

Johannes Zenner, Kohlpharma’s Project Manager, worked out an ambitious requirements matrix from the economic, functional and administrative perspectives. Only three cybersecurity solutions providers made it to the shortlist. “ESET was highly recommended to us by our system house ttt-it AG. With very good detection rates, state-of-the-art technology, and recommendations from Gartner and AV-Comparatives, ESET seemed to fulfill our conditions perfectly,” recalls Johannes Zenner.

Kohlpharma closely examined all potential solutions. ESET performed convincingly in several test environments that had cloned servers and endpoints from the production environment. “ESET’s cost-benefit ratio was significantly better than that of other competitors. However, what convinced us were two soft factors. The high level of engagement and the open communication without empty promises are what sealed the deal,” says Stefan Pistorius, Kohlpharma’s EDP and Administration Manager.


THE CYBERSECURITY SOLUTION

It took only six weeks to fully launch the ESET PROTECT Entry solution, comprised of ESET Endpoint Security, ESET Server Security, ESET Shared Local Cache and the Unified Endpoint Management console, ESET PROTECT.

In two further steps, the EDR tools ESET LiveGuard Advanced and ESET Inspect were rolled out. “The entire migration of 1,250 seats to ESET was characterized by the highest professionalism and harmonious cooperation of all parties involved. It was exemplary,” says Stephan Kapetanios from the system house ttt-it AG.

Throughout the entire migration process, ttt-it AG, ESET and Kohlpharma worked together closely, and managed to implement even the most specific configurations within a very short timeframe.


ULTIMATE IT SECURITY TOOLS FOR CRITICAL INFRASTRUCTURE

“Companies like ours, classified as Critical Infrastructure (CRITIS), need to dedicate much more attention to IT security. To that end, we have integrated an endpoint detection and response (EDR) tool in our security architecture,” says Johannes Zenner.

This means that the best anti-malware software is required:  no vulnerabilities can stay undetected in the network. If logistics were to come to a standstill due to a cybersecurity attack, it would no doubt cause financial losses of millions of dollars per day. Much worse, however, would be the loss of trust from patients and businesses that Kohlpharma has so painstakingly built.

Such damage is very hard to fix. Therefore, Kohlpharma relies on these two ESET solutions—ESET LiveGuard Advanced and ESET Inspect—for a comprehensive cybersecurity framework.


ESET LIVEGUARD ADVANCED:
EXTRA PROTECTION AGAINST INFECTED FILES

Networks are exposed to hundreds of unknown files every day. Simple documents and other non-executable files usually do not pose a problem for established cybersecurity solutions. However, the full automation of processes at Kohlpharma means that many executable files—for example, those for updating individual computers or machines—are transmitted from outside. This can be extremely dangerous, as the .exe files can contain hidden malware. At the same time, the execution of files is essential for smooth operations.

The solution is to execute files in a sandbox to assess their behavior. This requires a lot of computing resources and a variety of sandbox templates, and is therefore not feasible on-premise.

ESET LiveGuard Advanced offers a cloud-based sandbox, a threat intelligence tool that is able to identify new, previously unknown threats. In this way, it complements the installed ESET products to by securing endpoints at Kohlpharma with another layer of protection. Automatically—or manually, if necessary— the samples are sent to the cloud for analysis by ESET. Its sensors extend static code analysis to include machine learning, memory scanning, and behavioral analysis.

Compared to endpoint security solutions, ESET LiveGuard Advanced uses a much wider range of technologies to detect potentially dangerous samples. The results of cloud analysis are sent back and any infected files are cleaned or deleted immediately. The solution also provides the administrators at Kohlpharma with detailed reports.


ESET INSPECT UNCOVERS INTERNAL VULNERABILITIES

Stefan Pistorius required an even broader approach to cybersecurity: “It is not enough for us to respond to attacks with classic antimalware solutions. We want to have the option to independently detect vulnerabilities and eliminate them.”

Kohlpharma therefore decided to use ESET Inspect. This endpoint detection and response (EDR) solution from ESET collects real-time data about actions and events on the connected endpoints and automatically checks whether it matches the criteria for suspicious activity. Information collected in this way is processed and stored in a searchable format. The resulting compilation of anomalous and suspicious activities allows users to drill down for details.

In addition, ESET Inspect provides digital forensics and incident response reports, and offers guidance on possible countermeasures. Even advanced persistent threats (APTs) already present in the network can be successfully eliminated. ESET Inspect gathers and combines comprehensive information from all ESET detection technologies, including machine learning.


EASY OPERATION USING WEB CONSOLES

At first glance, the combination of many different products and technologies may seem complicated. However, Johannes Zenner has everything under control thanks to the web consoles provided by ESET. The key element here is ESET PROTECT, which allows Zenner to centrally manage all endpoints and servers.

He also uses an additional management console for ESET Inspect. Both tools make my everyday work much easier. They are clear, structured, perform well and offer a variety of possibilities,” says the project manager. “Synchronization of data between the two consoles runs automatically so I always receive up-to-date information. And if I encounter any issue, I can rely on regularly updated and extensive documentation.”

ESET provides a harmonized system of holistic IT cybersecurity solutions. It reliably defends against cybersecurity attacks from outside and identifies suspicious internal events. The outstanding usability of ESET consoles makes the work of administrators much easier

 

THE RESULT

ESET’s combination of solutions, namely ESET PROTECT Entry, comprised of ESET Endpoint Security, ESET Server Security, ESET Shared Local Cache and ESET PROTECT—plus ESET LiveGuard Advanced and ESET Inspect—successfully protects Kohlpharma’s complex cybersecurity architecture from hackers and cybercriminals.

And by deploying ESET security management solutions, Kohlpharma has raised the protection of its systems to a completely new level. This is thanks not just to the technical aspects of the solution, but also to some equally important soft factors—namely, the close cooperation of the customer, provider and system house, and the comprehensive, reliable service and support.

Kohlpharma knows it has a strong partner at its side, even in the event of a crisis.

KEY BENEFITS FOR GRENZEBACH

  • High level of protection
  • Ease of implementation
  • Detailed reports
  • Ongoing service and support
  • Cost-effectiveness

    THE CUSTOMER

    Kohlpharma was founded in 1979 and is currently one of the leading pharmaceutical importers in Europe. Based in Merzig, Saarland, Kohlpharma purchases original branded medications from reputable pharmaceutical manufacturers based in other EU countries at favorable prices and imports them into Germany. Patients and health insurers benefit greatly from the savings and convenience, and doctors also save on their budgets. Kohlpharma has 800 employees and supplies quality medications to pharmacies, as well as German pharmaceutical wholesalers.

    Interior of Kohlpharma facilities. As one of Europe’s leading pharmaceutical importers, Kohlpharma uses ESET for the best endpoint detection and response solutions.

    CUSTOMER STORIES


    Grupo Servopa delivers its clients the right product with superior service. ESET provided the company with excellent service and strong cyber security.

    CUSTOMER STORIES


    Relying on a trusted partner to handle monitoring, detections and resolving them was the logical step for second-largest beer producer in Netherlands.

    Ready for next step?

    Enter the world of enterprise protection