Any company that handles its customers’ financial data has a duty to protect that information. Cielo, one of the largest payment systems companies in Latin America by revenue and market value, takes this responsibility very seriously. The company not only maintains clear customer-facing communication channels and a high degree of transparency regarding data controls, but also constantly works to improve its security posture.
“Data security is a highly dynamic space,” says Glauco Sampaio, Cielo’s Chief Information Security Officer. “As a professional in this space, I’m always studying trends and staying up to date on what is ultimately an ever-evolving threat landscape.”
Like most large companies, Cielo has, over the years, improved its data security infrastructure by adopting solutions that met its immediate needs. This resulted in an IT landscape that provided good visibility into the company’s critical assets, but was expensive and laborious to maintain. Constant and time-consuming effort was required to keep the solution running properly. In addition, these costs were compounded by the need to attract and retain a specialized workforce trained in a wide range of platforms provided by multiple providers. More costly than all of these issues, however, was the lack of interoperability between the solution’s security layers.
Cielo recently identified an integrated platform capable of replacing its complex security solution. Built entirely on Microsoft technology, the new solution focuses on Microsoft Defender XDR, Microsoft Sentinel and Intune, in addition to incorporating Microsoft Purview, Defender for Office 365, Defender for Endpoint, the Defender for Identity, Cloud App Defender and Microsoft ID Sign In. Importantly, this platform has not only boosted operational efficiency, but has also increased threat response capabilities and strengthened the company’s overall security posture, providing Cielo with all the control over sensitive data it requires.
A powerful new security landscape
Replacing its previous endpoint management solution was a huge win for Cielo. Internal systems and configurations located across more than 5,000 devices made the transition complex. The company made sure to make the necessary changes gradually to minimize any potential negative effects on users. This decision paid off, both financially and in terms of user experience.
Disclosure / Microsoft
Cielo was able to exit its costly contract with its previous solution provider, and internal users quickly gained confidence in its capabilities with Microsoft solutions. “We had a fair number of questions and some debate early in the adoption process,” Sampaio recalls. “Once our security professionals gained confidence with the technology, however, they quickly became some of our strongest advocates for Microsoft security solutions.”
Microsoft Sentinel, a comprehensive security and operations solution that enables enterprises to confidently detect and respond to threats at the speed and scale of the cloud, is central to the new solution. As Sampaio says, Microsoft Sentinel provides Cielo with centralized visibility, the rules that determine how security alerts are generated, and automated responses. “Microsoft Sentinel is at the core of our response team’s work,” Sampaio says. “It provides greater agility for our team and enables automated responses to a range of potential threats and pre-mapped use cases.”
Cielo also sees Defender XDR and Intune as key to its new security architecture. Defender XDR provides incident-level visibility across the company’s many and diverse endpoints, and Intune helps identify company assets and the potential for action against them. Other Microsoft solutions also play important roles. “I like Purview for its document classification capabilities and for preventing information leaks,” Sampaio notes. “We also highly value Defender for Endpoint and Identity as the primary layers of protection for our environment.”
As each of these solutions was introduced, Cielo made a point of putting employee education at the center of the adoption process. This deepened employees’ understanding not only of the technologies at their fingertips, but also of their responsibilities as data stewards. “It’s important for every company to have data security truly embedded in its DNA,” says Sampaio. “That’s how we operate at Cielo.”
Final results
Since migrating to the Microsoft solution, Cielo has seen its security posture improve in several ways. “By adopting multiple interoperable Microsoft security solutions, we have improved our preventative capabilities, our incident response times, and our scope for monitoring our environment,” says Sampaio. “And we have done it all much faster than we could have done otherwise.”
These benefits have also continued to grow since the adoption process. Increased automation, for example, has played a major role in what Sampaio describes as a dramatic reduction in threat identification and containment times. Cielo’s security team has also been pleasantly surprised by the advanced technical capabilities of the solution and the frequency with which Microsoft expands its capabilities, including by adding new features. “At one point, third-party technologies presented potential gaps in our security landscape,” Sampaio recalls. “Fortunately, Microsoft solutions filled those gaps at no additional cost to us.”
Even more surprising to the security team was the new visibility into the Security Operations Center (SOC). The synergistic benefits of multiple Microsoft solutions combined to give the Cielo SOC expansive, real-time visibility into devices, identities, email, cloud applications, and data across its entire landscape. “It was surprisingly simple to enable real-time visibility across our entire environment,” says Sampaio. “It was a leap forward in our security maturity level, and with the native interoperability of our Microsoft security solutions, we achieved this much faster than we expected.” While Sampaio highly values the reduced costs and simplicity of managing relationships with fewer vendors, it’s this increased interoperability that he highlights. It’s also something he hopes to expand at Cielo in the near future.
“We continue to work with Microsoft to increase synergy between various technologies,” he says. “We are constantly identifying new opportunities that will bring greater operational and financial benefits to Cielo.” One technology on the roadmap that Sampaio is especially excited to work with is Microsoft Copilot for Security, an AI-powered security analytics solution capable of delivering tailored security insights and new integrations through a natural language interface. “Easily automating known incident response scenarios is something we couldn’t do until we adopted an integrated security platform from Microsoft,” says Sampaio. “With Copilot for Security, we expect our incident investigation and response times to accelerate even further.”
By consolidating its security landscape, Cielo has reduced its operating costs, increased visibility, and advanced its overall level of security maturity. But Sampaio sees another important benefit. “Consolidation can present a real opportunity to break stagnant paradigms, shake up the process, and uncover improvements that business leaders might otherwise miss,” he says. “With so much to gain, I see no reason not to seize the opportunity.”
