Grocery Delivery Disruptor Applies Its Own "Faster Than You" Slogan to Endpoint Security Management with CrowdStrike
Gorillas is a grocery delivery service disrupting how people shop by offering a 15 minute order-to door service and a commitment to sustaining that super-fast delivery with a fleet of e-bicycles, a quick, farm-to-table turnaround, and reduced packaging to cut the company’s CO2 emissions. Underpinning it all is a cloud-only IT infrastructure with thousands of endpoints that are now protected by CrowdStrike.
Explosive Growth Leads to Minimal Endpoint Visibility
Gorillas has experienced extraordinary growth since launching in 2020, and already has 14,000 staff operating in key European cities in Germany, Netherlands, UK, France, as well as New York City in the United States. Such growth has come with challenges, however. To meet a 15-minute delivery target, a warehouse must exist within two miles of customers; while administrative offices are static with global headquarters in Germany and national HQs in the respective countries, Gorillas had to rapidly increase the number of warehouses to more than 200, all fitted with multiple desktop and laptop devices.
Gorillas found itself with no centralized endpoint protection platform and with each warehouse having its own ad hoc antivirus tools, a situation that provided minimal visibility of endpoints across the business. In addition, non-technical warehouse staff do not always understand the risk of clicking a link or downloading what looks like a legitimate file. “As the business rapidly expanded and the number of warehouses and users increased, so did the level of risk,” said Atharva Shirode, IT Security Manager at Gorillas and the company’s first dedicated IT security employee.
CrowdStrike Selected to Deliver Next-Generation Protection
Gorillas hired a consultancy to conduct penetration testing to identify gaps in its security infrastructure, which highlighted the need for a next-generation endpoint protection solution. The company analyzed three market-leading applications and decided on CrowdStrike because it offered several advantages over the competition. Gorillas had stipulated a checklist of requirements for automating early incident detection and prevention, which CrowdStrike could deliver. Other requirements were automatic blocking of malicious files, quarantining them and then killing any malicious processes.
“The CrowdStrike endpoint policies are really amazing because we do not have to do anything,” said Shirode. “It is a one-time investment. We followed the CrowdStrike recommendations, and all of our endpoints come under the same preset policies, automatically and instantly. It means we do not need to worry about any of them.”
Another key feature of CrowdStrike is breadth of visibility. “CrowdStrike dashboards are easy to use and read, and there are several types to choose from,” said Shirode. “And the CrowdStrike team has been — and continues to be — extremely helpful, supportive and knowledgeable.”
Another crucial factor in selecting CrowdStrike was contract flexibility that enabled Gorillas to purchase a solution that fit security, technical and commercial needs and allowed it to choose the CrowdStrike reseller it wanted, which is not typically the case with other vendors.
Deploying CrowdStrike Was a Simple, Easy Process
Over three weeks, Gorillas deployed a range of CrowdStrike products and services to provide protection initially for almost 1,500 Windows and Apple endpoints located in warehouses and administrative offices. “Implementing CrowdStrike was really easy,” said Shirode.
Additional features of the CrowdStrike solution that Gorillas particularly liked include endpoint detection and response (EDR). “As a security analyst, I think CrowdStrike is a great solution because it means no involvement when there is a detection on the endpoint,” said Shirode. “That is far more efficient than our previous solution, and it saves a lot of time and resources. In addition, the firewall capabilities of CrowdStrike helped us solve a huge headache protecting both Apple and Windows endpoints.”
Gorillas takes advantage of CrowdStrike training and education to help the business optimize its endpoint protection solution. “It is always good to have direct experience because it saves us so much time getting up to speed,” said Shirode.
CrowdStrike Delivers Many Improvements, High ROI
CrowdStrike provides Gorillas a centralized and automated endpoint protection solution that is simple and easy to manage, provides complete visibility and control over all endpoint devices, and makes security management significantly faster and more efficient. “The Gorillas slogan is ‘faster than you’ and the same can be said for CrowdStrike endpoint security management,” said Shirode. “It is an instant and real-time application. If an employee downloads a malicious file, CrowdStrike catches it in seconds, sends an alert and even blocks the incident.”
Before CrowdStrike, incident detection and remediation took up to two days to complete. Now this is being done more comprehensively in minutes. CrowdStrike also is helping Gorillas achieve a high return on investment (ROI), with features such as an audit report that tracks where, when and how an incident occurs for post-event analysis. Intelligent threshold-setting helps Gorillas further improve management and control by enabling the company to significantly reduce the number of false positives in comparison to its previous solution.
Another benefit of CrowdStrike is connecting with and leveraging the vast pool of security experience held within its ecosystem of thousands of global customers. “The use of CrowdStrike saves time because when we catch an incident, we can see a similar issue that happened to someone else and shortcut the resolution using their experience,” said Shirode.