Hitachi Energy Gains Visibility and Insights Across Global Infrastructure
Hitachi Energy serves customers in the utility, industry, and infrastructure sectors with innovative solutions and services across the value chain. Its pioneering technologies enable the digital transformation required to support a transition towards a carbon-neutral future. With an installed base in more than 140 countries, Hitachi Energy employs around 40,000 people in 90 countries and generates business volumes of over $10 billion USD.
As part of its carve-out from ABB, Hitachi Energy’s Global IT group was tasked with deploying a cloud-first infrastructure for the new organization. “Anything new being deployed is done within the cloud,” said Philip Heyns, Global Security Architecture Manager at Hitachi Energy.
End-to-End Visibility Was Critical
Heyns said Hitachi Energy faced unique challenges as what they like to refer to as a three-year-old “startup” with more than two centuries of heritage, setting up a new core infrastructure. “We’ve got a lot of legacy technology, and we’re an operating business, but in a sense, we’re starting in greenfield,” he said. “Plus, we had a timeline to follow because it had to be in place prior to completing our exit.”
This required setting up the infrastructure and services rapidly and getting procedures put in place. “We needed to have the staff and the capability to migrate effectively and efficiently from the old environment while still making our deadlines and staying on top of any operational issues that came up,” Heyns said. “It’s a balance between project implementation and keeping the business running at the same time, with essentially the same resources. We asked ourselves several questions, like: Do we have visibility everywhere, all the time? Do we have all of our devices’ logs pointing to our Security Information & Event Management solution (SIEM)? Do we have full coverage with our Endpoint Detection and Response (EDR) solutions?”
To answer these questions, the team looked for a cloud-based IT discovery tool that would provide complete visibility across the company’s globally distributed organization. This includes about several hundred sites, many of which are factories. “End-to-end visibility is critical,” Heyns said. “You cannot protect the business if you don’t know what assets you have,” he said. “We wanted to have a solution that we can rely on for corroboration with Managed Service Providers (MSPs) and infrastructure teams across the organization to make sure that the data they provide is accurate.”
He added that verifying that the data in the company’s Configuration Management Database (CMDB) is accurate and up to date is extremely important. “History and experience have shown that using a decentralized asset management system – or a manual system like the one we had been using prior to the acquisition – is a recipe for disaster.”
“You cannot protect the business if you don’t know what assets you have.”
150,000 Assets Scanned, and Counting
Based on previous experience, the team decided to roll out Lansweeper across the company. “We have regional scanners and, in some regions, multiple scanners,” he said.
His team uses both the on-premises and cloud versions of Lansweeper. “Where it makes sense, we drop a local scanner on a site, which points to the database to scan the local resources,” he said. “Our endpoints are scanned from the app, which targets the scan server, but if it can’t find the scan server, it uses the cloud.” Agent-based scanning supports Hitachi Energy’s work-from-home policy. “A lot of the laptops will never even see the corporate network, so we rely on Lansweeper Agent for scanning user devices,” he said.
Currently, Lansweeper is scanning nearly 150,000 assets at Hitachi Energy, including Office 365, Cloud, and Active Directory assets, providing complete visibility across the technology estate.
Easy Reporting, Flexibility Makes Insights Easy
Lansweeper provides a single pane of glass to view the entire infrastructure, eliminating the need for local teams to track their assets independently. “We can look at our cloud environment and see the subscription and the physical resources assigned to it,” he said. “We can see into the operating systems and what software has been installed on the virtual machines, the disk configuration, and more, all on a single page.”
“Lansweeper is extremely user-friendly, there’s a lot of flexibility to group assets in a single location and create a report in 15 or 20 seconds that shows the details of those groups of assets. It makes life a lot easier.”
He said he uses Lansweeper reporting on an ad hoc basis right now because the main focus is coverage and visibility. “As part of the cybersecurity operations team, we want to augment the asset data already received by our SIEM with Lansweeper data to facilitate our security incident response activities and make them more efficient,” he said.