Geely Holding Group12/10/2015
Geely (officially Zhejiang Geely Holding Group Co., Ltd) is one of the top 10 Chinese automotive manufacturing company, with its headquarters in Hangzhou, China. Its principal products are automobiles, motorcycles, engines and transmissions. It sells consumer cars under five brand names: Emgrand, Englon, Geely, Gleagle, and Volvo.
With total assets of more than RMB 100 billion, Geely is one of the China’s top 500 companies for ten consecutive years. On July 2012, Geely was listed in Fortune Global 500 as the only private automobile enterprise from China.
Geely approached Ford in mid-2008 about a possible takeover of Volvo Cars. A deal was reached in late March and completed in early August 2010.
In 2009, Geely announced its listing on the stock exchange in Hong Kong. In order to meet the requirements of listing in Hong Kong, the establishment of a standard internal information security management and audit system was needed.
According to the relevant provisions of internal audit work on listed companies, the company requires to establish a standardized internal information security audit system to prevent & control risks, increase the reliability of information release, combined with industrial production and management features. In order to achieve these goals, Geely had the following requirements:
● Audit the online behavior of internal staff to prevent internal business information from leaking via Internet.
● Divide the Internet access authority of internal staff, open related access to network resources based on the job position of staff in different departments and prevent employees from doing non-work related activities during office hours to improve work efficiency.
● Limit P2P downloads to improve the access speed of critical business applications.
After communication, comparison, technical evaluation and rigorous testing, Geely eventually reached a cooperation agreement with Sangfor and decided to adopt Sangfor IAM solution, helping the company to secure its network and protect internal data before being listed in the Hong Kong's stock exchange.
Sangfor IAM is deployed in the network gateway of the group headquarters and branches. The network topology is as below:
Figure 1: Network Topology
All Intranet data have been startegically processed by the IAM device, mainly to solve the following problems:
● Control the traffic of non-work related applications to ensure the bandwidth for core departments and business applications.
● Regarding PCs security issues, IAM can assign network access permissions based on the security level of accessed PCs. This do not only avoid trojans and remote attacks from stealing sensitive information on PCs with security vulnera-bilities but also reduces the workload to manage each PC (Personal Computer).
● Achieve precise division of network access between departments. For example, the marketing department is allowed to access work-related websites, but restricted to access R&D servers or database. R&D department is allowed to exchange confidential files internally, but prohibited from sending it out to an external server.
● Strict control of out-going emails. IAM email filtering and audit based on keywords to detect and intercept abnormal outgoing mails and notify the administrator to review them in time.
● Enable email attachments filtering based on file types for further analysis. For example, set filtering rules of DWG, DXF and DWF files of CAD drawing for R&D department.
● Regularly export reports on the assessment of network and risk status as a basis for network strategy adjustment.
Advantages & Benefits
With its outstanding performance in the aspects of application identification, traffic control, auditing and data mining, Sangfor IAM brings the following values to the Geely Group:
Guaranteed access speed for core business applications & improve business efficiency
Sangfor IAM provides meticulous traffic control solution based on applications, time, objects and other factors. Restrict bandwidth occupation of non-core business applications and bandwidth consuming behaviors to guarantee the stability of network access to improve bandwidth value and business efficiency.
Standardize the network management, match network application permissions with terms of reference to prevent un-authorized access
Based on one of the largest application identification rule database with a variety of intelligent recognition technologies, Sangfor IAM provides flexible access control methods that consider the requirements of both humanization and enterprise information security to create permissions allocation that suits Geely’s own corporate culture and business requirements. IAM can help enterprises avoid legal risks, prevent unauthorized access and improve quality of network management.
Prevent risks of data leak, protect the security of enterprise information
Sangfor IAM helps enterprises to avoid risks of data leak in 3 aspects: defense, interception and tracking. Thanks to the variety of intelligent recognition technologies of Sangfor IAM, dangerous traffic identification technology, rich reporting and data mining functions leaves no chance for both potential leakers and unintentional victims, helping enterprises to protect itself against leakage of information.