SMBs can strengthen security and manage the demands on their IT infrastructure as they experience growth while minimizing the impact on capital and operating costs.
In business for over 25 years, our client, a leading Canadian packaging supplier offering packaging materials, equipment, and engineering services, was having a challenging time effectively managing the impact of growth on its IT infrastructure. Focused on delivering its core business to clients helped to expand its business to the national level. However, this growth made it challenging to stay ahead of the IT demands including the management of multiple locations, a remote workforce, and heightened security risks.
Business Challenges
Secure Hosting: Our client was hosting its core business applications in an unsecured location at its head office. They had limited Internet security exposing them to cybersecurity risks, and no redundancy built into the IT infrastructure creating potential issues with availability. There were also single points of failure issues for server hardware, power, and cooling that needed to be addressed. As they continued to grow and do business with larger organizations, they needed to ensure their IT infrastructure would be hosted in a SOC 2© compliant secure data centre.
Secure Access: Employees were accessing core business applications from anywhere, including from home. The security risks, associated with that, needed to be addressed because threat actors could potentially spoof an e-mail address and gain access to critical company data.
Password Policies: Password policies were not in place. Many users were set up with the same password. This is not all that uncommon for setup, but what is uncommon is not having an automated, unavoidable prompt for users to change their password upon their first login. With no password policies in place, many employees used the same setup password, and they were never changed.
E-mail Hardening: E-mail systems faced surface vulnerability leaving them at risk of fraudulent and spam e-mails including the risk of fraudulent actors sending e-mails from their domain name and potential deliverability issues.
Vulnerability Scan: Their network and endpoints had weaknesses or entry point security issues that left them open to potential security threats.
Cyber Security Monitoring: Their IT infrastructure was not secured enough, with no proactive security threat monitoring. SMBs are increasingly experiencing ransomware attacks, leaving them at risk of a potential security threat.
Business Solutions
Secure Hosting: Cover-All resolved the hosting issues our client was experiencing by hosting its IT infrastructure in a SOC 2© compliant facility and by migrating its server(s) to IBM Cloud®. Our partnership with IBM Cloud® provides our clients with the best of both worlds – access to IBM Cloud® technologies accompanied by the personalized Managed Cloud Services that Cover-All is known for. Their business applications are now hosted in a secure location, they have built-in local redundancy, high availability, no single point of failure, with hardened Internet and cyber security.
Secure Access: We installed multi-factor authentication on all desktop and laptop computers and implemented a policy to only allow access to company information via this method. Only authorized computers configured with our client’s security profile are permitted access to the internal network through VPN.
Password Policies: Cover-All implemented password policies to ensure that all employees have unique passwords and that these passwords are changed every 60 to 90 days.
E-mail Hardening: We hardened their Office 365 environment by employing all the security features that are inherent with the Office 365 platform.
Vulnerability Scan: Cover-All ran an extensive vulnerability scan, discovered, and closed dozens of weaknesses or entry points to mitigate potential security risks. We also provide ongoing security monitoring to identify any new potential security risks.
Cyber Security Monitoring: Cyber attacks against SMBs are growing in both frequency and severity. To help protect against these types of threats, we installed a new 4th generation firewall, Sentinel One endpoint protection on all of the laptops and desktops and are now monitoring their network 24/7/365 from our Cyber Security Operating Centre (CSOC). We have implemented a SPLUNK Security Incident Event Management system that is the core of our cyber security monitoring service. This allows us to monitor the environment around the clock and quarantine vulnerabilities that potentially pose a threat to the business.
Ongoing User Support: As well as their IT environment having been hardened, they now have access to Cover-All’s 24/7/365 Service Desk support to respond to all their IT infrastructure needs.
Business Results
Our client is now operating in a secure IT environment and ready to expand its service offering without IT security concerns. Not only do they have the infrastructure to manage this growth, but they have the SOC 2© security requirements that many large organizations demand from their suppliers. They now have the IT environment necessary to meet current data needs, with plenty of room to grow as their business expands. They are confident in the knowledge they have a support system to not only monitor daily risks but to also respond to any IT-related concerns.
CONTACT COVER-ALL TODAY!
Cover-All is a Managed Services Provider delivering cost-effective solutions for Managed Cloud, Managed Mainframe, Managed IT, Cyber Security, Co-Location, Backup & Recovery/DR, and Cloud & IT Consulting Services.
To discover how we can help your business, give us a call at 1-833-268-3788.