Thyssen-Bornemisza National Museum

Protects its virtual infrastructure with Trend Micro

Safety is critical to Thyssen-Bornemisza National Museum, given the value of the vast collection of priceless art the gallery houses. To protect their systems within an increasingly connected world, and to comply with the General Data Protection Regulation (GDPR), the museum has chosen Trend Micro Deep Security Virtual Patching solution.

Overview

Located in Madrid’s Golden Triangle of Art, the Thyssen-Bornemisza National Museum is an emblem of international art. It currently houses one of the most important pictorial collections in the world, assembled by the titular Thyssen-Bornemisza family. Although of private origin, the Thyssen-Bornemisza collection has been in possession of the state since 1993. Today, the museum has close to 1,000 pieces of Western paintings ranging from the 13th to the 20th centuries, with more than 200 works being added in a free deposit from Baroness Carmen Thyssen-Bornemisza’s private collection. The museum has remained true in its commitment to culture and its goal of spreading awareness through its extensive offering of activities. At this time, the institution has been able to adapt and be at the forefront using new information technologies, while maintaining security at the base of all their projects.

Challenges

With more than 150 employees, one million visitors per year, and a strong international vocation, the museum is governed by strict principles regarding efficient and streamlined resource management following the criteria of quality, innovation, and permanent exclusivity. Due to their commitment to innovation, IT has always played an important role in their quest to facilitate and enable new channels of access to culture and to create better user experiences. As part of its transformation, IT has worked to optimize management by combining traditional business with digital alternatives.

Thyssen-Bornemisza was one of the first museums to invest in desktop virtualization technologies in order to centralize, simplify, and homogenize data access and processing. Their goal was to reduce costs and offer employees a personalized and secure user experience. Trend Micro’s solutions were able to facilitate the process of automatically deploying and updating applications, which improved and substantially reduced maintenance and management tasks.

"Deep Security was the only one on the market that offered agentless protection for the entire infrastructure, relieving the burden from having to install different security tools on each endpoint."

Javier Espadas
CTO of the Thyssen-Bornemisza Museum

Why Trend Micro

“We went from a physical environment, protected with Trend Micro Apex One with traditional antivirus solutions, to a virtual one that required other resources and new ways to address security,” explains Javier Espadas, CTO of the Thyssen-Bornemisza Museum. After analyzing the options of several vendors, “Trend Micro Deep Security was the only one on the market that offered agentless protection for the entire infrastructure, relieving the burden from having to install different security tools on each endpoint. We avoided having too many products that didn’t work well together and who would compromise performance.” Physical and portable computers, as well as connections of employees working remotely, continue to be protected with Apex One.

Solutions

Over time a new challenge was raised; once the project was completed, the virtualization infrastructure provider, VMware, modified its licensing model for NSX software. This meant that the museum had to scale to a higher version, resulting in cost increases. “We needed smart, optimized, connected endpoint security from an experienced vendor, and Trend Micro once again gave us that solution,” Israel Martínez adds. Faced with this situation, an agent was installed on each machine to ensure optimal performance. This has led the museum’s IT team to deploy Trend Micro solutions throughout all of their production stations and work environments, in addition to their existing anti-malware solutions based on signatures and behavior.

Another reason the Thyssen-Bornemisza Museum continues to rely on Trend Micro is the virtual patching function of the systems. To do this, they have recently deployed Trend Micro Virtual Patching as part of their licensing of the IDS/IPS firewall, thus being able to control all lateral movements between servers. Referring to the fact that GDPR’s stringent regulatory requirements have now been met, Espadas says, “Thanks to Virtual Patching, we have peace of mind that vulnerabilities are patched before they can be exploited, which avoids risking the privacy of information and safeguarding the reputation of the institution. The entire virtualized infrastructure now has Trend Micro security guarantees, and both servers and endpoints utilize virtual patching protection.”

"We needed smart, optimized, connected endpoint security from an experienced vendor, and Trend Micro once again gave us that solution."

Israel Martínez
Systems Manager of the Thyssen-Bornemisza Museum

Results

Technological innovation regarding information management is key, as is its protection. Inevitably, the use of IT is directly related to security needs, both internally and externally. “Systems are increasingly connected, and as a result, the attack surface multiplies exponentially. Protecting our corporate systems and data from malware, ransomware, phishing, and other advanced threats is a priority for us”, Martínez says.

Since Thyssen-Bornemisza Museum has partnered with Trend Micro, they have successfully avoided any major security breaches, helping to maintain their reputation within the community. The Thyssen-Bornemisza Museum’s commitment to its visitors, suppliers, sponsors, and entire ecosystem of partners remains strong with the knowledge that information security is certain, and in the hands of a great specialist.

Next Step

The Thyssen-Bornemisza Museum will continue to advance its digital transformation. To do so, they will further their virtualization and explore new trends in hyper convergence to gain connectivity. They are also adapting to the National Information Security Scheme and managing a security ISO.