BUSINESS: One of the leading media and entertainment companies in the Netherlands, operating a range of broadcast and online television services, websites, apps and live entertainment.
SCOPE: The Netherlands
BUSINESS CHALLENGE: RTL Nederland lacked a clear view of security threats, leaving IT assets vulnerable to attack.
SOLUTION: To secure its computing systems and web applications against threats, RTL Nederland deployed Qualys Vulnerability Management and Qualys Web Application Scanning.
WHY THEY CHOSE QUALYS:
- Delivers deep insight into IT assets and potential security threats, helping keep core business systems safe from attack.
- Provides detailed technical reports with easy-to-follow recommendations, taking the guesswork out of vulnerability remediation.
- Offers straightforward management with an intuitive, user friendly interface, saving IT staff time and effort.
- Offers comprehensive, on-demand protection for all IT assets at a fraction of the cost of previous solutions.
RTL Nederland Strengthens Defences Against Hackers and Disruption
Improved insight into security vulnerabilities and targeted threat detection helps strengthen protection for core business systems and customer information.
Netherland’s leading media and entertainment company, RTL Nederland operates seven broadcast television channels and a live entertainment division. The company offers a wide range of online services, including the RTL XL video platform and Buienradar weather site, and ranks among the country’s top four providers of digital content. RTL Nederland also invests in growth-oriented businesses through its subsidiary RTL Ventures. Its investments include the dating site Pepper, restaurant booking system Couverts, fashion platform Miinto, and online educational programme Squla.
Defending against hackers and intrusion
To stay on top of consumer demand for fresh, high-quality content, the company constantly creates new services and information that need to be made available to outside audiences fast, and kept secure at the same time.
While RTL Nederland placed a strong focus on maintaining a high level of protection for computing systems, it lacked an enterprise-class solution for monitoring and managing security vulnerabilities. This made it difficult for the company to gain a clear view of the potential threats it was facing and left security teams unable to address vulnerabilities in a structured way.
Rob van Loon explains: “We had all the layers of protection in place, but what we lacked was a clear view of our system landscape, which made it difficult for us to detect and resolve threats in a timely manner. Without awareness of potential security gaps, our systems were left vulnerable to attack – a risk that of course we cannot afford. We wanted to take greater control over how vulnerabilities were monitored and managed, to ensure that our IT assets were kept fully secure at all times.”
“The Qualys solutions have brought a new level of visibility, so we know what the actual risks are and what needs to be done to protect our systems in the most optimal way. This allows us to target our resources and address issues much more efficiently.”
Rob van Loon,
IT Architect and Risk Manager, RTL Nederland
Gaining a Clear View of Vulnerabilities
RTL Nederland launched a search for a solution that would enable security teams to stay on top of emerging security threats while remaining agile enough to meet changing business requirements. The company quickly honed in on a suite of security solutions from Qualys.
“We considered offerings from several companies, and Qualys definitely had the edge,” says Rob van Loon. “The Qualys solutions were very user-friendly and easy to manage, and the fact that they are based on a cloud delivery model means that there is no infrastructure to deploy or maintain.”
As a first step, RTL Nederland deployed Qualys Vulnerability Management (VM), using the solution to discover and map all assets across its core information systems. By building a clear picture of its computing environment, the company can better understand the potential risks and work to ensure that all systems are correctly patched and protected against vulnerabilities.
“Qualys VM is very intuitive and easy to get to grips with,” notes Rob van Loon. “Our IT team was able to familiarise themselves with the solution and start real scanning in less than a day. The first scans we ran showed that there were a number of issues that we needed to address. We knew that we were behind with patching, but Qualys VM really highlighted where all the vulnerabilities were, so we could work to take targeted action.”
Powerful Reporting, Easy Remediation
Currently, RTL Nederland performs scans of around 150 servers every weekend. When IT managers return to work on Monday mornings, they receive a report of the scan results in their inbox. These technical reports provide a detailed description of all vulnerabilities that have been identified on the system and offer recommendations for fixing the issues, including links to the appropriate patches.
“For us, the biggest advantage of Qualys VM is that it takes all of the guesswork out of patch management,” states Rob van Loon. “We can just look at the report and the next steps are already mapped out for us, so we don’t have to spend time investigating possible solutions.”
RTL Nederland generates regular executive-level reports for senior management, which highlight all known vulnerabilities and the status of remediation plans. The reports also make it easy for the company to demonstrate to internal regulators that steps are being taken to reduce vulnerabilities.
Protecting Web Applications
To keep its large number of web applications and websites secure and highly available at all times, RTL Nederland uses Qualys Web Application Scanning (WAS) to check applications for vulnerabilities both before and after they are deployed.
“As more and more of our content moves online, we have to manage a growing number of web-based applications,” explains Rob van Loon. “With Qualys WAS, we can keep applications safe, even as threats evolve. The solution makes it easy to identify common vulnerabilities and is highly accurate, so we can address threats effectively and ensure that our own data and that of customers is kept safe.”
Taking Targeted Action
While it is still early days for RTL Nederland in terms of using Qualys technology, the company has already improved insight into vulnerabilities and increased the overall speed of remediation. With a clearer and timelier view of vulnerabilities, the company is able to keep key business systems safe from attack and ensure that customers and partners have access to the information and services they need.
“The Qualys solutions have brought a new level of visibility, so we know what the actual risks are and what needs to be done to protect our systems in the most optimal way,” comments Rob van Loon. “This allows us to target our resources and address issues much more efficiently.”
Qualys provides high levels of visibility and control at a cost-effective price for RTL Nederland, as Rob van Loon explains: “In the past, we relied on a third party to perform penetration testing for one of our websites twice a year. With the Qualys solutions we can scan our entire environment any time we want, for a greater variety of vulnerabilities and at a much lower cost. Not only does this save us a great deal of money, it brings vulnerability management back under our own control and delivers much more comprehensive protection.”
RTL Nederland plans to build on its initial investment by introducing Qualys Malware Detection Service, which proactively scans websites for malware and provides automated alerts and in-depth reporting to enable swift identification and elimination of any infections. For now, the company is focusing on fully reigning in all security issues and extending the use of its existing Qualys solutions across the entire business.