A&W Food Services of Canada Inc. is the country’s original—and
fastest growing—burger chain.
In 1956, the company’s combination of great-tasting food and mugs of A&W Root Beer® proved to be an instant hit.
Since then, A&W Food Services of Canada Inc. has continued to grow, expanding into more than 800 locations.
A&W remains Canada’s number-1 brand of root beer and is available not just in the restaurants, but also in cans and bottles at local grocery stores.
Started in Winnipeg in 1956, A&W Food Services has grown in a
structured manner. However, the company’s healthy expansion put a
strain on its outdated infrastructure. In 2005, Bruce Jamieson joined
the organization as Network systems manager and led the efforts to
modernize and upgrade the company’s technology assets.
Initially, the existing security solutions weren’t the most pressing issue, so he focused on virtualization of servers, de-duplication of information, and updating racks and wiring in the data center. However, years later, securing these updated environments required his full attention.
“We had another security vendor’s endpoint solution on all our endpoints,” said Jamieson, the network systems manager in the Information Services group for A&W Food Services of Canada Inc.
“Initially, the existing security had done an okay job. However, through the years, it just got too resource intensive. Besides being big and clunky, the reports never worked. They always showed “0” counts for infections and incidents. At one point, I was dealing with three infections, and the reports still showed all zeroes. Over a span of three weeks, we had six infections—more than we’d ever had at one time. That was the last straw. I knew there was something better for us.”
More recently, A&W was challenged by the increasing cost and acquisition time of SSL certificates. To protect its web domains and applications, the company purchased SSL licenses from a number of vendors. “It would often take several days to get a certificate back and it was expensive,” said Jamieson. “When we started adding web sites and increased our use of web-based applications, we realized we needed a better SSL solution.”
Network systems manager for A&W Food Services of Canada
Jamieson knew there was a better security solution available for
endpoints because he had worked with Trend Micro solutions before
joining the team at A&W Food Services of Canada Inc.
When it became apparent that the in-place security solution was not protecting endpoints and was impacting performance, Jamieson deployed Trend Micro™ OfficeScan™ solution.
“OfficeScan was easy to deploy—it even uninstalled the previous solution for us,” said Jamieson. “There are only two of us supporting the desktop and server infrastructure, so the ease of deployment was great. OfficeScan also took up much fewer system resources compared to the previous solution, so it solved performance problems and improved protection.”
A&W Food Services of Canada Inc. had an opportunity to evaluate another Trend Micro solution shortly after deploying OfficeScan. The company was considering expanding its virtualization initiative to launch a virtual desktop infrastructure (VDI) service. By this time, the company was already using VMware, with about 95% of server workload executing on virtual machines (VMs).
“In evaluating VDI, we learned a lot about VMware® Horizon View™—we think that as many as two-thirds of our desktops could be virtualized,” said Jamieson. “We learned that we could buy less expensive thin clients instead of $1000 PCs, or we could use VDI to extend the life of older PCs by a couple years. So we decided to pursue the technology.”
When the company switched to Trend Micro for endpoint security, they also looked at Trend Micro Deep Security and recognized that the product’s agentless security was an excellent fit for the VDI project.
“Virtualization has helped us reduce the footprint of our servers,” said Jamieson. Now, VDI will do the same for the desktops. Deep Security fits into virtualized environments really well. Its zero-footprint agentless security was what we needed for the virtual desktop sessions. We are also looking at the other Deep Security modules to improve protection on all of our servers, and it promises to further lower overhead on those systems as well.”
The Trend Micro™ Smart Protection Network™ infrastructure greatly contributes to the offloading of solutions such as Deep Security. Besides keeping the security footprint as small as possible, Smart Protection Network also provides immediate protection when a new threat emerges. Web reputation and file reputation is correlated in the cloud, and whitelisting capabilities prevent false positives within the file integrity monitoring function of Deep Security.
“The Smart Protection Network adds a layer of intelligence that saves us time,” said Jamieson. “We don’t have to weed through the false positives; we can just focus on what is unknown or suspicious. The cloud-based reputation data bases complement Deep Security, and give us a better overall solution.”
A&W Food Services of Canada Inc.’s desktop security team is getting started with VDI by setting up a server to support a sample of internal desktops. Instead of running Windows directly on their desktops, users can execute a virtual desktop image that is hosted on a server in the data center.
To solve its SSL certificate problems, Jamieson turned to Trend Micro™ Deep Security for Web Applications. After testing the solution, he immediately saw its value. “The solution was flexible, easy to use and allowed us to deliver licenses in minutes, instead of days. We were instantly issuing SSL certificates to web developers—and the solution included unlimited subscriptions, making it a cost- effective way to reduce our risk level,” said Jamieson. Deep Security for Web Applications also includes vulnerability scanning capabilities, which A&W has just begun to use.
Switching to Trend Micro security is progressing at A&W Food
Services of Canada Inc., with plans to evaluate and introduce
additional Deep Security modules and extend features across more
“My first objective was to get rid of the heavy overhead that the previous endpoint solution was putting on our systems,” said Jamieson. “OfficeScan did that. Now, Deep Security promises to give us additional gains in terms of the security footprint throughout our virtualized data center. My second objective was to introduce security that really worked. Since we replaced the previous solution, we can see that Trend Micro has stopped the infections.”
For example, when an A&W field representative picked up CryptoLocker ransomware from a public network, Jamieson received an alert that the malware had been found and he was able to run scans, restore directories and get the system back up and running. “If this ransomware event occurred before we had Deep Security, we would have been in big trouble,” said Jamieson.
The company has also grown to appreciate the simplicity of Trend Micro security. “We haven’t had to do a lot since deploying Trend Micro security—the products just seem to run and work,” said Jamieson. “In terms of administration, we save time with Trend Micro for sure. We really like the display for Deep Security—green shows us at a glance that everything is good. Having Deep Security is a big help.”
Deploying Deep Security for Web Applications dramatically reduced SSL certificate acquisition time and cost. “It’s so fast and easy to issue SSL certificates that I have time to work on other projects.
The solution paid for itself after six months,” said Jamieson. “We recently started using the solution’s scanning function. It’s easy to login and see reputation and detection results. As we add web sites, we’ll continue to use this feature.”
Working with the Trend Micro support team has also been valuable for Jamieson. “The customer service at Trend Micro is very responsive and knowledgeable—they’re always there when we need them,” said Jamieson.
Network systems manager for A&W Food Services of Canada