Securing secrets help Swedish aluminum manufacturer stay on top

If you're a world leader in manufacturing high-end aluminum products, chances are one of the things keeping your chief information officer awake at night is concern about a data security breach. That is certainly true for Swedish manufacturer Gränges, a company known globally for its rolled products for brazed aluminum heat exchangers.

Gränges has manufacturing locations in Sweden, China, and now the United States. Gränges offers a complete range of clad and unclad rolled aluminium products in various widths, gauges, and tempers that are used for brazed heat exchangers. The variety of its offerings works well for customized solutions, especially in the automotive and the HVAC&R industries.

"This position can only be achieved by extensive R&D and production know-how. Our products are a result of R&D with advanced knowledge about metallurgy and the production process, meaning a data breach is of special concern," according to Bilal Chebaro, CIO at Gränges .

What if it really was a breach?

Although no data breach had happened, that possibility was something he Chebaro could not ignore. So he called Olov Norman, Service Delivery Manager at Innofactor. Norman suggested an Microsoft Enterprise Mobility + Security (EMS) project to lock down the company's PCs, with a particular focus on Azure Information Protection to improve the security of sensitive data. He also suggested putting in place an infrastructure that would let Gränges secure its mobile devices with Intune when the company is ready.

The immediate focus was on the AIP portion of the project. Even though there was no incident regarding a proven breach, Chebaro wanted to know for certain moving forward whenever a breach occurred, and in the meantime he wanted to be certain that all R&D files were secure, and that a good, solid business process was in place for how to categorize the data appropriately.

And the next time there is a call about a potential breach, Chebaro says, Gränges will have access to much more information to identify and address any concerns. AIP allows you to classify, label, and protect data at the time of creation or modification, by using policies to classify and label data in intuitive ways based on the source, context, and content of the data. Beyond that, AIP enables persistent protection that travels with your data, ensuring data is protected at all times, regardless of where it is stored, with whom it is shared, or what the device is running. By delivering visibility and control over shared data, AIP allows IT to use logging and reporting to monitor, analyze, and reason over shared data.

In a sense, the timing of the possible breach, and the immediate efforts to shore up security, were somewhat fortuitous, given that Chebaro and his company have even larger plans that need a well-secured base. "We have started a pre-study where we decided on implementing a common business platform, because we had two plants, one in Sweden and one in China, in Shanghai," Chebaro says. "And these two plants run two different systems." And then last summer, Gränges acquired a large business in the US, one that doubled the size of the company.

The company has started to implement a common business platform in Sweden, using Oracle eBS and Fusion Cloud, a product that helps organizations do business across locations and countries by standardizing processes and helping to simplify compliance. And beyond that, Gränges has even started to implement a common Manufacturing Execution Systems (MES) using a standard soltion from PSI Metals. Office 365 was one of the first common software implemented across the company.

Explore Enterprise Mobility + Security solutions.

"We sleep better at night knowing that the information is not accessible for parties who shouldn't access it. It's important for us to be sure that we can secure business critical data that we don't want to share with everybody else," says Bilal Chebaro: Chief Information Officer, Gränges.