“The security of our data and our customers’ data is our highest priority and we needed a secure platform to provide access to our hybrid data services, hosted both in the cloud and on-premise. BlastShield filled both these needs for us with their patented solution.”
- Emil Erlandsson, VP of Professional Services at A2i
Discover why companies like A2i are choosing BlastShield as their VPN alternative. Read the case study below about their private network or...
Download the PDF version of VPN Alternative Case StudySo, I'm Emil Linson, I'm the VP for Professional Services at a2i, which means that I oversee all our customer deliveries and customer support and pretty much everything post sales. We wear a lot of hats and as part of my responsibility in overseeing all customer deliveries, some support, etc., I also take a big part of the responsibility for the information security in the company. So, you could say that it's between myself, our CTO and our CEO to work on these things.
A2i is a Danish company. We provide fuel pricing optimization based on AI for the retail fuel industry. AI fuel pricing or fuel pricing optimization is important to the retail fuel industry, because traditionally, you focus a lot on what competitors are doing and pricing echo to your competitors. Whereas, our AI-based solution helps you to actually look at your consumers and price based on consumer behavior rather than competitive behavior. It unlocks a new paradigm within fuel pricing, you could say. During the pandemic, I would say, a lot more are on working-from-home type scenarios. That, combined with the fact that we were adding on more staff, we wanted to get a better and more stable remote access solution that led us into looking around a little bit in the market. And that's how we eventually found BlastShield™ and BlastWave™ as technology.
Prior to using BlastShield™, we had a hardware VPN solution, (it was) quite generic and built for small business, but it doesn't really scale that well. When you have a lot of people working from home using a lot of bandwidth, it becomes very unstable and unusable at the end of the day. So, we were looking for something that was more modern, that allowed for higher flexibility in terms of people working from home, working at the office and so on, whilst being very secure. Of course, these things that you see about supply chain interruptions and all of these things impacted our decision as well. We wanted something that was state of the art, very secure, biometric logins and so on. We wanted something new, something more modern, and flexible, I would say. We wanted to have something that was simple to use, fast, reliable, and easy to roll out within the organization.
One of the things that we really liked about BlastShield™ is the ease of use. From the time we signed up for the initial trial and started trying that, it took us, what, 10 minutes to have a connection between two countries and two users and started building from there. It's very easy to roll out to the rest of the organization. We didn't really see a lot of resistance and people having a difficult time using it and so on. So, I would say that is one of the things that we really like about the solution.
What we have been looking at since we started adopting BlastShield™ is the micro segmentation and the possibility of bringing our end users, our customers, under the same security solution because, in our industry, as a provider, you always encounter things like side to side VPNs or IP white listing and these kind of things and we really see that the BlastShield™ solution can help us to bring that up a level whilst not being a burden for our customers to use.
As a small company, a2i, we know that customer service is very, very important in how you treat your customers, etc. and during the whole roll up period together with BlastWave™, we have had an excellent experience with their customer support. They have helped us to resolve issues that we encountered during the rollout quickly and even listened to our feedback for upcoming features and enhancements of the product. So, the whole transition experience has been great.
PriceCast Fuel (PCF) is the world’s first industry-specific retail fuel pricing, management and optimization solution developed by A2i. By combining state-of-the art artificial intelligence and machine learning with big data, PCF brings dynamic, predictive consumer-behavior-based pricing to the retail fuel industry.
During the pandemic, A2i was growing and adding staff, making their existing virtual private network (VPN) untenable in terms of performance and dropped connections. In one case, a remote employee was unable to work at all due to the limitations of a “centralized” architecture. The performance of the private network was just too slow to get their basic job done, hindering the effectiveness of the network. Furthermore, A2i realized that the security vulnerabilities and exploit opportunities mandated finding a VPN alternative.
A2i already had a hardware VPN solution, but they needed an alternative because it was too generic and built for small business, so it scaled poorly across their global network. With a large number of people working from home with their devices and using a lot of bandwidth, the network became unacceptably unstable, a huge security risk, and therefore unusable.
In exploring options, A2i looked at several different VPN alternatives. One was to add more hardware to add VPN concentrator capacity, but this was just kicking the can down the road. Another option was to use some of the more modern VPN alternatives that funnel all traffic requests through a proxy server and then fan out to connect to those devices and services (proxy-fan architecture). Although these approaches have grown in popularity, these alternatives to VPN still suffer from a bottleneck (the proxy server) and don’t allow east-west traffic between nodes downstream of the bottleneck. They were also concerned about phishing, social engineering, credential attacks, and other security breaches, so they needed to find something easy to use that eliminated usernames and passwords.
The security of A2i’s data, their user data, and their customers’ data is their highest priority and A2i wanted a more modern ZTNA solution that:
A2i needed a reliable ZTNA solution that could stop:
BlastWave’s BlastShield™ rapidly filled these needs for A2i with its patented ZTNA solution, which made it the obvious VPN alternative. A2i was pleased with BlastShield’s secure, flexible, and blazing-fast network performance. They could trust that their network access was secure, fast, and reliable.
A2i fell in love with BlastShield’s ease of use. A2i signed up for the initial trial and built a rudimentary network crossing two continents with two users in just 10 minutes with a secure access service. The network was very easy to roll out to the rest of the organization. A2i experienced little resistance from users due to the elimination of usernames and passwords, allowing them to enjoy both convenience and heightened security across the network. Employees no longer had to come up with new passwords every 90 days or keep track of their private credentials. Users also didn’t need tedious training on how to avoid phishing campaigns, since there was nothing to be phished across the secure network. The ease of use of BlastShield's secure remote access solution saved time and money that would have been spent on installing and configuring other expensive VPN alternative solutions or remote access alternatives (such as RDP or remote access/remote control apps) that provide little protection and in some cases introduce new security vulnerabilities. The secure network was easy to set up and connect devices to.
With BlastShield’s microsegmentation, A2i's management also recognized the advantage of bringing their end users - their customers - under the same security solution. As a provider, they know their industry continuously encounters things like site-to-site VPNs or IP white listing, etc. And, the increased prominence of supply chain attacks made them realize they could protect their customers and suppliers by creating a fine-grained ecosystem of control that would not allow malware to move through the supply chain unchecked via a VPN that provided remote access which was not secure. A2i saw that BlastShield(™) could add a robust level of security coupled with secure remote access without being a burden for their customers to use. The network vulnerabilities are shielded to prevent internet and cyber attacks across the network.
Aside from the ease of use and security benefits offered by BlastShield(™), A2i also made their network and data centers less likely to be the victim of a security breach resulting in, among other things, ransomware. A2i could reduce the likelihood of a ransomware attack on their network, saving them thousands, as the average ransom payment has increased from $115k to $570k in the last 3 years. BlastShield(™) continuously saves users money by protecting them from ransomware attacks and the other costs associated with a security breach. Prevention is MUCH cheaper than detection and remediation.
BlastShield(™) helps prevent and isolate attacks, mitigating the spread of malware by reducing the “blast radius” of a breach. BlastShield(™) also enables cloud-native app development by securing microservices, containers and Kubernetes clusters in the network.
BlastShield(™) is the first all-in-one SDP patented solution that combines infrastructure cloaking and passwordless multi-factor authentication (MFA) for identity-based secure remote network access for organizations that have adopted a zero-trust security model. BlastShield(™) enables organizations to hide on-premise and cloud workloads from outside and inside security threats, concealing an organization's infrastructure from cyberattacks through software-defined microsegmentation without modifications to existing network fabric, hardware, or management.
Experience the simplicity of BlastShield to secure your OT network and legacy infrastructure.
“BlastShield truly works. In test after test, I was unsuccessful at circumventing its passwordless MFA login for remote access as well as break outside the software-defined microsegmentation to pivot around inside the network.” - Alissa Knight, Former CISO, Recovering Hacker