Turkey’s number one homewares provider, Koçtaş, has complete confidence in its cybersecurity. A modern Palo Alto Networks platform strategy safeguards data, devices, and people; supports rapid retail growth; enables seamless mobile working; and empowers the lean security operations team to focus on the threats that matter the most.
Koçtaş reinvents the retail experience
Fast-changing customer expectations, intense competition, and the need for greater operational efficiency are driving Koçtaş to reinvent itself. Faced with a growing store portfolio, an expanded product range, and increasingly complex operational systems, Koçtaş had more exposure than ever across its business and customer touchpoints.
Where Turkey shops for its homewares
Koçtaş is Turkey’s leading home improvement retailer, providing millions of customers with high-quality, competitively priced homewares. It is a subsidiary of Koç Holding A.Ş, the largest industrial conglomerate in Turkey.
Koçtaş has more than 400 physical stores and is also growing rapidly through its digital channel the Koçtaş Marketplace, with a fivefold increase in product lines this year alone.
Koçtaş had struggled with its previous network security and remote connectivity platforms. “We needed a modern, integrated security system to safeguard our rapidly changing and expanding digital and physical environments. This included our proliferating Internet of Things (IoT) devices,” says Mr Cirpici, Senior Infrastructure and Cybersecurity Manager.
Koçtaş also needed to harden its endpoint security – not only to protect its existing endpoints but to future-proof its ongoing expansion.
Complexity was also absorbing resources and increasing risk. “We have a small, highly professional team of people focused on security. We wanted to automate everyday processes while shifting away from siloed security systems to a single, best-of-breed security stack,” says Mr Cirpici.
"Our previous system lacked 360-degree visibility and control for the 4,000 endpoints. We wanted to consistently profile people’s behaviour to detect irregularities at the speed of business."
– Baran Cirpici
Senior Infrastructure and Cybersecurity Manager, Koçtaş
A unified cybersecurity platform approach
Koçtaş was faced with increased exposure across organisational and customer touchpoints, including traditional PoS vulnerabilities, supply chain threats, IoT, and customer data. To become a retail business of the future, Koçtaş needed to:
- Standardise on integrated platforms to connect and secure all systems.
- Apply controls at every entry and exit point to prevent malware from moving between zones and making lateral moves.
- Automate and centralise security management.
- Enable people to work securely anytime, anywhere.
“Palo Alto Networks really wanted us to succeed”
A connected Palo Alto Networks platform approach across network, endpoint, and security operations is helping Koçtaş manage a continuously evolving attack surface while driving operational efficiencies through AI and machine learning.
First, Check Point firewalls were replaced with Palo Alto Networks ML-Powered Next-Generation Firewalls (NGFWs), together with Prisma Access and DNS Security. Prisma Access was implemented in just one week, replacing standard VPN connections for 700 staff. “Prisma Access has been a great success. It’s secure, easy to use, and popular with our hybrid workforce. It protects all application traffic – dramatically reducing the risk of a data breach,” says Mr Cirpici.
Autonomous Digital Experience Management (ADEM) is integrated to visualise and manage end-user experience. Now, when a connection issue is reported, the team can immediately identify the root cause of the problem.
An Enterprise IoT Security subscription was then deployed to protect 2,000 devices such as in-store handheld scanners, security cameras, and point-of-sale systems. Koçtaş can now view traffic from any Internet Protocol on a single dashboard, identifying new IoT devices as they move online and taking prompt action to prevent vulnerabilities.
“Our R&D team is working hard to create the store of the future. Such as installing cameras that count the footfall in our stores, or retail robots that check shelves for product gaps. Every connected device exposes Koçtaş to attack. But Zero Trust Enterprise IoT Security is enforced with least-privileged access securing all future innovations.”
Cortex XDR completes the picture. Network detection and response (NDR) uses machine learning (ML) and behavioural analytics to monitor Koçtaş’s network traffic and develop a baseline of activity. It discovers anomalous activity associated with malware, targeted attacks, and risky behaviour. Integration with the Enterprise IoT Security subscription enables the team to monitor everything from a single dashboard.
Mr Cirpici explains, “Having the NDR add-on on top of the EDR functions helped Koçtaş with its XDR project. We can review the root cause, sequence of events, and investigative details all in one place.”
"During the PoC, Palo Alto Networks presented a proven portfolio of security technologies, unrivalled knowledge, and an expert understanding of our retail objectives here in Turkey. They really wanted us to succeed."
– Baran Cirpici
Senior Infrastructure and Cybersecurity Manager, Koçtaş
Modern digital retail growth
Thanks to the connected Palo Alto Networks platforms, Koçtaş is securing the retail store of the future and realising significant benefits, such as:
- A safeguarded retail environment: Koçtaş is safely enabling retail applications and preventing modern threats. Cortex XDR, for example, provides complete visibility into known and suspicious network activity.
- Protected retail growth: Koçtaş can continue to roll out new retail stores (and its online service) across Turkey, confident that its data, applications, devices, and people are protected from vulnerabilities.
- Seamless remote working: Mobile staff can securely connect to the Koçtaş network anytime, anywhere. Being away from the office or a store is no longer a barrier to productive working. All traffic is inspected, irrespective of source, location, and device.
- Increased agility: Everyday routine processes are automated, increasing productivity. Using Symantec Endpoint Protection, for example, Koçtaş received up to 20 false alarms a day; now they receive an average of one a day. Likewise, the team can identify and fix the root cause of a threat in less than 20 minutes; previously, it took up to four hours.
- Unified cybersecurity: The single, connected Palo Alto Networks product portfolio provides trusted, integrated network and endpoint security from a single dashboard.
- Exceptional user experience: Koçtaş store staff can concentrate on selling homewares without having to focus on security configurations. ADEM, for example, helps to identify the precise source of a connectivity problem. For example, when slow connection is reported, the team can see whether the problem relates to a router, device memory, or other service.
- Simplified compliance: The GlobalProtect host information profile (HIP) service collects information about the security status of Koçtaş’s endpoints – such as whether they have the latest security patches and antivirus definitions installed, or whether they have disk encryption enabled.
"We’re seeing the power of the portfolio in action. Everything is integrated in unified platforms, giving us trusted and adaptive security for the retail stores of the future."
– Baran Cirpici
Senior Infrastructure and Cybersecurity Manager, Koçtaş
Learn more about Palo Alto Networks on the website, where you can also read many more customer stories.