Herman Miller gains complete IT visibility, strengthens security posture with Lansweeper.
Based in Zeeland, Michigan, Herman Miller, Inc. is a global design and manufacturing company that produces high-end office furniture, equipment, and home furnishings. The company has global facilities and employs over 8,000 people worldwide.
Goals
- Needed visibility across the entire IT infrastructure of more than 20,000 assets
- Create a complete software and hardware asset inventory
- Accelerate incident response with rapid access to data
- Improve asset management and simplify updates
Results
- Gained immediate and complete visibility across the entire infrastructure in minutes
- Created a single source of truth for insights and reporting
- Increased ability to mitigate risk from vulnerabilities, malware and security threats
- Built trust and empower users across the IT organization
“Lansweeper works out of the box. You turn on scanning and the magic happens.”
“Herman Miller’s manufacturing organization has a complex environment with multiple locations and subsidiaries through mergers and acquisitions,” said Kristopher Russo, Information Security Analyst Architect at Herman Miller. “We manage over 20,000 assets and we’re adding more all the time.”
In 2011, the company implemented Lansweeper’s Cyber Security solution to provide visibility into its complex IT environment. Since then, Lansweeper has helped Herman Miller’s IT organization maintain an accurate, up-to-date software and hardware asset inventory and respond rapidly to mitigate risk from vulnerabilities, malware, and other IT security threats.
A Complete IT Asset Inventory Was Critical
According to Russo, a common challenge in large organizations is a lack of understanding of the IT environment. “Most organizations lack visibility into their asset inventory, so it’s difficult to comply with the first two CIS Critical Security Controls, which require you to keep an inventory of your software and hardware assets,” he said.
A well-maintained asset inventory database is key in building a more comprehensive security program based on these controls, but Herman Miller’s IT team had yet to put one in place. “IT organizations often fall back on using vulnerability scanners and maintaining Excel spreadsheets manually, which is of course time-consuming and prone to error,” Russo said.
The ability to discover hardware and software data is critical to maintaining an up-to-date synopsis of an entire IT environment, to protect an organization against cybersecurity attacks. Although there are solutions available to address asset management, most are complex and expensive, as well as difficult to deploy and manage. Herman Miller’s IT team had been using SCCM for Windows assets to gain limited visibility, but as Russo said, it was more of a “point- and-shoot-from-the-hip solution,” and didn’t offer a comprehensive understanding of what lived on the network.
“A quick win was to find a solution that enabled us to meet the first two CIS controls,” Russo said. That’s when he discovered Lansweeper.
Immediate, Complete Visibility – One Scan
Lansweeper rapidly gathers hardware and software information on all devices across the IT environment, enabling comprehensive management and providing the data needed for compliance and audit purposes. Lansweeper also encompasses a ticket-based helpdesk system and capabilities for software updates on target devices.
Although the value proposition was promising, IT team members were skeptical, and, according to Russo, felt panic at the thought of implementing a cybersecurity solution across the network. “People were worried about us breaking things,” he said. Fortunately, Russo’s team was able to roll out the Lansweeper implementation gradually to ease everyone’s fears. “We started by deploying the solution across a specific subnet, and once we demonstrated that nothing was broken, people were more comfortable with it,” he said. “In a short time, we had 100% coverage without any issues.”
With Lansweeper in discovery mode, the IT team gained immediate and complete visibility into Herman Miller’s complex network environment. Russo was impressed with the vast amount of data he is able to collect with a single scan. “I log into the tool and I can see all the machines, what resides on those machines, how they’re configured, whether they have any outdated software installed and who’s logged into them,” he said. “To obtain all of those individual pieces of data would have taken hours for us to gather manually, and I can get it in seconds by just logging into Lansweeper.”
Russo: “You turn on scanning and magic happens.”
“Lansweeper works out of the box,” Russo said. “Because it’s based on SQL and supports standard scripting languages, you can use Lansweeper to do a lot of powerful things that are difficult to do manually or at scale, with very little spin-up time.”
Lansweeper has become the single source of truth for Herman Miller’s IT asset inventory from which the team can build a number of detailed reports. The team can share these reports with the CIO, keeping him informed about the status and performance of vulnerability management and remediation, hardware warranties, which machines have outdated operating systems, and other key data, as needed. “We have over 100 custom reports pre-configured, so when the CIO asks for information about a specific aspect of the environment, we can pull it immediately and have that information ready very quickly,” he said.
Herman Miller has acquired four companies since it began using Lansweeper in 2011, and the solution enables the IT organization to be agile in times of rapid change. “In a merger or acquisition situation, we can understand the networks of the companies we’re acquiring quickly, and figure out where we stand from an IT perspective.”
Rapid, Targeted Incident Response
In addition to creating a complete asset inventory, Lansweeper is essential for incident response. “From a security perspective, the first couple minutes of a security incident are critical moments,” Russo said.
The information Lansweeper provides helps his team determine where to focus their efforts. For example, when a piece of malware is discovered, they can quickly perform a file scan on a target group of PCs to determine how far the malware has spread. Or if they’re notified of a critical software vulnerability, they can run a report in Lansweeper to understand where it exists in the environment, which PCs the software resides on, who’s using the software and what it will take to remediate the issue.
“We need to gather data quickly to understand the impact and scope of the incident,” Russo said. “Lansweeper delivers detailed information about a security incident in minutes, providing incredible time savings and helping us to minimize or eliminate potential damage.”
“Lansweeper delivers detailed information about a security incident in minutes, providing incredible time savings and helping us to minimize or eliminate potential damage.”
Timely, Accurate Data Builds Trust, Empowers Users Across the Organization
As Russo and his team continue to use Lansweeper, they discover new capabilities. “Lansweeper offers many good actions out of the box, and as we build our understanding of the product, we can write additional, powerful actions for specific use cases,” he said. “This helps us build trust with the rest of our IT organization, because the information we provide is accurate and relevant, and they know they can come to us for answers.”
Russo’s team has built several custom actions, such as pulling back dead locker keys or erasing the memory on a machine with a vulnerability in order to perform analysis. “We can run a security benchmark app based on recommendations from SANS for incident response, then build that app into a script and push it out to PCs in our network,” he said. “All of these actions have been born out of our experience with Lansweeper.”
Russo is also using Lansweeper’s deployment functionality, which helps mitigate security risks by silently installing and uninstalling software, deploying software updates, making command-line changes, or running custom scripts. “It’s fast and easy,” he said. “We can quickly throw together a package and use a script to push it out to a report on PC or group of PCs.”
Other areas of Herman Miller’s IT organization benefit from using Lansweeper, as well. “We have over 100 different users across the organization with different use cases,” Russo said.
Reduced Risk, Time Savings Provides Tremendous Value
Although Russo’s team doesn’t operate according to a cost-based model, the time saved in troubleshooting issues and working on hardware refreshes and replacements have a significant impact on reducing IT spend and risk. “With Lansweeper, we can gather data very quickly and know how to focus our efforts,” he said. “From an incident response perspective, it helps us reduce the time it takes to respond to incidents so we can contain them faster. Risk is reduced because we are faster and more effective at resolving issues — and that’s invaluable.”
Russo said people throughout Herman Miller’s IT organization have come to rely on Lansweeper. “The few times we’ve had to take down the tool for upgrades, people come out of the woodwork asking why it wasn’t available,” he said. “There would be widespread panic if we suddenly didn’t have Lansweeper and had to use another tool or go back to our old, manual processes.”
“There would be widespread panic if we suddenly didn’t have Lansweeper and had to use another tool or go back to our old, manual processes.”
What’s Next? Lansweeper to Support Cloud-first Approach
And as Herman Miller’s IT organization continues to adopt a cloud-first approach, Lansweeper’s new cloud capabilities will be of key importance. “Moving to the cloud will allow us to be more dynamic and provide more power to our developers,” Russo said. “But to make that happen, we have to be faster and more reactionary to mitigate risk across multiple cloud platforms and regions. We want to continue to see Lansweeper expand its cloud support so we can gather and analyze data on our cloud assets quickly, just like we do with our on-premises assets today.”
As Herman Miller continues to expand into new markets and leverage technology to achieve its goals, Lansweeper will play an important role in protecting the organization’s IT assets. “We have to make sure that as we explore new business strategies with technology solutions and infrastructure, we keep the organization safe from cyber threats,” Russo said. “Lansweeper is a cornerstone of that effort.”