Digitec Galaxus AG Improves the Security and the Performance of its Online Shops
Find out how Switzerland’s largest online retailer improved digital security and performance.
"Now that the Akamai solutions for security and performance have been implemented, we can all sleep more soundly. They allow us to concentrate on further developing innovations for our core business and stay one step ahead of the competition."
Christian Margadant , Head of IT Operations , Digitec Galaxus AG
The Situation
Digitec Galaxus, Switzerland’s biggest online retailer, has experienced continual double-digit growth since its founding, and generated a turnover of more than 861 million Swiss francs in 2017 with its two online shops, digitec.ch and galaxus.ch.
The company offers a comprehensive line of products ranging from IT, consumer electronics, and telecommunications to household and sporting goods in its popular online shops. Constant improvements to and expansions of the online shops, which offer a secure, simple, and convenient shopping experience, are the key drivers of the company’s growth.
The Challenge
During a weeklong period in March 2016, a series of DDoS attacks were carried out on the Swiss Federal Railways, financial institutions, and online shops, including the online shops digitec.ch and galaxus.ch.
Digitec Galaxus had deployed an entry-level package of features from Akamai’s Kona Site Defender (KSD). This ensured that, even though its online retail sites were under attack, no customer data was compromised at any time. However, without the full features of KSD, Digitec Galaxus still experienced some downtime on its sites. Depending on a number of factors, the costs of downtime can run into several hundred thousand Swiss francs.
Following an extensive analysis of the DDoS attacks of March 2016, Digitec Galaxus quickly realized that its security and availability measures needed to be further expanded and reinforced, since more complex attacks on the infrastructure and web applications could be expected in the future. Therefore, the online retailer decided to make targeted investments in cloud security to protect ongoing corporate growth.
The Goals
In order to achieve this objective, Digitec Galaxus had to meet three key requirements:
-
Higher availability: The online retailer wanted to ensure high availability, thereby eliminating the risk of downtime as much as possible.
-
Best-in-Class protection against cyberattacks: Digitec Galaxus wanted to expand the protection of the online shops by implementing a multi-layer security concept.
-
Protect corporate growth: The ongoing improvement of a secure, highly available infrastructure for the online shops would serve as the basis for sustainable corporate development.
Why Akamai?
Secure and reliably available websites are vital for Digitec Galaxus for two reasons: to safeguard the current turnover during peak times such as the Christmas season, and, to secure growth and continued corporate development.
At the time of the DDoS attacks on Swiss companies in March 2016, Digitec Galaxus had already deployed entry level features from Akamai Kona Site Defender, installed and maintained by Akamai partner Arturai. By working closely together and drawing on one another's in-depth experience, Arturai and Akamai were able to avert the attacks, which is why Digitec Galaxus decided to expand its partnership with Arturai and Akamai. "We were very satisfied with Arturai's implementation of the security solution and their service as well as the professional support provided by Akamai during the wave of attacks," says Margadant. "Akamai’s cloud delivery platform provides a capacity of more than 60 Tbit/s, which allows it to use huge swathes of bandwidth to defend against attacks. With this scaling, even major attacks are not a concern."
Multi-Layer Protection
DDoS attacks and attacks on web applications and the DNS infrastructure are among the biggest threats to corporate IT security. These kinds of attacks can cause websites to fail, lead to the loss of confidential data, and incur enormous economic damage by marring the reputation of the targeted company. In consultation with Arturai and Akamai, Digitec Galaxus therefore decided to implement a multi-layered defense against cyberattacks.
Protection against attacks at the application layer
Site Shield — as part of Kona Site Defender — is based on the Akamai Intelligent Platform™ and defends against direct-to-origin attacks. “We are now very efficiently protected against attacks up to the application layer,” says Margadant. “Since Akamai handles the administration, operation, and ongoing development and maintenance of the firewall rules, the internal IT experts have more time to focus on the strategic development of the online shops.”
DNS protection
Digitec Galaxus also implemented Akamai’s Fast DNS to help it ensure that end users arrive quickly and reliably at the desired website, thereby improving the security, usability, and performance of its web pages. Fast DNS offloads the DNS resolution from the data center infrastructure of Digitec Galaxus into the cloud. It is architected for both performance and availability, and has been shown to maintain a fast DNS experience even through very large DDoS attacks.
DDoS protection always active for the entire data center
The online retailer also implemented the Prolexic Routed Always On DDoS scrubbing solution, which is active at all times. Prolexic uses the Border Gateway Protocol (BGP) to route all traffic for Digitec Galaxus through Akamai’s globally distributed scrubbing centers.
The Prolexic technology is designed to check the traffic for potential DDoS attack vectors, drop harmful data traffic on all ports and all protocols, and only route legitimate data traffic to the online retailer's websites.
Flexible and efficient bot management
In addition to the expansion and further fine-tuning of the security measures, the IT department at Digitec Galaxus also considered the issue of bot management. The solution was not to block the bots across the board, but rather to identify, categorize, and control them efficiently. “The goal,” says Margadant, “is to establish a flexible procedure for managing various types of bots that combines powerful technologies for telling good bots apart from bad ones with intelligent, graded reactions, which will enable a context-dependent reaction.”
About Digitec Galaxus AG
The two online shops — digitec.ch and galaxus.ch — together form Digitec Galaxus AG. The Swiss online market leader Digitec is a specialist in IT, consumer electronics, and telecommunications. As the biggest online retailer in Switzerland, Galaxus offers a constantly growing range of products in sectors such as household, do it yourself, garden, and sports. Galaxus and Digitec offer extraordinarily broad, detailed, and continuously maintained assortments. The consistently low, constantly updated prices, as well as the fast and reliable online shops, enable a unique and comfortable shopping experience — regardless of time and place. The focus lies on consistent customer service: short delivery times and personal and competent advice by telephone, e-mail, fax, or in one of the 10 branches — as well as transparent and comprehensible communication.
About Akamai
As the world’s largest and most trusted cloud delivery platform, Akamai makes it easier for its customers to provide the best and most secure digital experiences on any device, anytime, anywhere. Akamai’s massively distributed platform is unparalleled in scale, giving customers superior performance and threat protection. Akamai’s portfolio of web and mobile performance, cloud security, enterprise access, and video delivery solutions are supported by exceptional customer service and 24/7/365 monitoring. To learn why the top financial institutions, online retail leaders, media and entertainment providers, and government organizations trust Akamai, please visit http://www.akamai.com/de, blogs.akamai.com and blogs.akamai.com/de/ or @AkamaiDACH and @Akamai. For additional information Download Case Study PDF.