West Lotto tames Kubernetes complexity and keeps its applications secure with Dynatrace

West Lotto is an impulse-driven business, with the majority of its tickets purchased during the final few minutes before a lottery draw; especially when there is a large jackpot. This sporadic customer behavior creates huge demand spikes on the digital infrastructure that underpins ticket sales through the West Lotto website and in-store POS terminals. If West Lotto’s applications are unable to support the surge in transactions, there is a huge risk to the business. An outage of 30 minutes can cost as much as €500,000 in lost revenue.

Three years ago, West Lotto embarked on a modernization drive to make its applications more resilient against sudden spikes in demand. Its technology team migrated its critical business applications onto a more scalable container-based architecture, running on Kubernetes. While the migration enabled West Lotto to quickly scale its applications in line with user demand, it also made it more difficult for teams to maintain real-time observability into service performance and availability and identify vulnerabilities. To address this, West Lotto approached its technology partner, dakoServ, to recommend a more advanced observability solution that could handle the complexity of Kubernetes.

Due to the speed and complexity of a containerized architecture, West Lotto knew that it was unlikely to encounter the same issue more than once. It therefore needed an observability solution that could identify and understand the root cause of a problem or find a vulnerability as soon as it emerged, so its teams could resolve it as quickly as possible. After discussing its needs with dakoServ, West Lotto agreed Dynatrace was the perfect fit, because it would give teams real-time visibility into Kubernetes.

“Dynatrace gives us the ability to have deep visibility into what is happening on our platform,” said Arne Fischer, IT Security Officer, West Lotto. “Customer experience is key for our business. Tuning that by just one percent leads to an increase by factor ten in our revenue. Previously we had no idea where to turn the screws, but Dynatrace gives us a view.”

• Reduced business risk: Being a state-owned lottery company, it is essential that West Lotto does everything in its power to guarantee the security and privacy of its customers by protecting their data. When critical zero-day vulnerabilities emerge, like Log4Shell, West Lotto’s teams need to act fast to identify and mitigate their risk exposure. Dynatrace has proven invaluable in showing West Lotto exactly where vulnerabilities exist in a matter of minutes.
• Easier collaboration: West Lotto has given its application development partner direct access to Dynatrace, enabling them to benefit from the same real-time insights. With Dynatrace’s Real User Monitoring capabilities, the development partner can also go beyond functionality tests to get a deep insight into customer experience. As a result, West Lotto enjoys a more collaborative relationship and can act up to 80% faster to resolve performance issues and vulnerabilities.
• Proactive improvement: Dynatrace enables West Lotto and its development partner to see how its services are performing under periods of high load, which allows them to identify and resolve issues before customers are impacted. West Lotto is also able to use these insights to optimize its services proactively to create better customer experiences and reduce the risk of unexpected problems that could impact revenue during the final minutes before a lottery draw.
• Improved regulatory compliance: Looking to the future, West Lotto is exploring the potential to use Dynatrace’s Kubernetes Security Posture Management capabilities to support its regulatory compliance and reporting processes. The deep, real-time insight into West Lotto’s security posture will be invaluable for complying with industry standards such as ISO 27001 and other regulatory frameworks by surfacing the information needed for audits within minutes.

“Dynatrace Application Security benefited us a lot when we shifted to our new containerized environment,” said Fischer. “We had no idea what was going on in Kubernetes. With Dynatrace, we got that visibility into vulnerabilities back. Previously, it would take weeks, maybe months to detect that we are affected by a vulnerability. With Dynatrace’s automation and continuous monitoring of the state of threats, it's in minutes. So Dynatrace is, for me, number one.”