
Modern Cyber Security for GO!
On the advice of its cybersecurity specialist SecWise, GO! adds the
Microsoft Defender 365 suite and Azure Sentinel to its migration plans.
Challenge
“Tight cyber security is an absolute necessity,” says ICT Manager Jan
Buytaert, “nevertheless a number of cyber incidents occurred at the
beginning of the calendar year. These had an impact on GO!'s operations
and convinced our management to expose our vulnerabilities and then
secure them. We appointed SecWise to perform a security audit and
implement modern threat protection solutions.”
Approach
A year and a half ago, GO! became the victim of a cyber attack. The
software for virtual desktops in particular was targeted. For IT manager
Jan Buytaert, this was not only the final signal to accelerate the
migration to Microsoft Azure and Microsoft Office 365, it was also the
reason to take a closer look at cybersecurity. On the advice of its
cybersecurity specialist SecWise, a security risk assessment was
executed after which GO! proceeded with the recommendations to
implement the Microsoft Defender 365 security suite and Azure Sentinel.
Result
SecWise translated the recommendations of the security audit into a
roadmap. “In the past you had enough with a firewall and antivirus, but
now you can no longer only rely on those products,” says Koen Jacobs of
SecWise. “Because GO! wants to phase out its own datacenter in favor of
the cloud - and thereby mainly switch to Microsoft technology, we
recommended expanding their license to also include the Microsoft 365
Defender security suite.”
With that, GO! not only protects laptops, but also keeps its e-mail
application free from spam and keeps its new cloud environment free of
malware. “People often think that the cloud is already secure, but you
are still responsible for what happens on their - admittedly secure -
platform. You have to take care of the security of the applications that
run on it,” says Buytaert.
GO! made a conscious choice for Microsoft. “As an IT service, we also
develop our own software. We also work with Microsoft Office 365 and
Microsoft Azure. You can plug Microsoft Defender 365 into the
existing applications such as Teams and Outlook. You can warn others
about dangerous emails or spam at the touch of a button. So we went to
Microsoft mainly from a user perspective,” says Jan Buytaert.
Endpoint protection on 400 laptops prevents phishing, among other things
Step one in the new security strategy was the addition of Microsoft
Defender Advanced Threat Protection to GO!'s Windows 10 devices. That
project started just before the corona lockdown. The antivirus has
already been installed on the devices of the 400 employees of the
central services. “It was almost a day's job before April to determine
whether or not certain emails were phishing attempts. Now Defender ATP
automatically stops them, saving the team half an FTE equivalent,”
Buytaert says.
Get smarter with Azure Sentinel
To increase visibility in their network and have a better understanding
of cybersecurity, SecWise also activated Azure Sentinel SIEM. That is
security incident & event management software, with which the
security team can view and tackle any cyber incident. Koen Jacobs: “We
also want to monitor the servers and security services better. We want
to send all "security logs" from every application to Azure Sentinel,
automatically filter them and take action if necessary. Sentinel
automatically quarantines malicious files. There is also a machine
learning component that helps to detect false positives.”
“We are a small team but have to provide the same services as a large IT
service,” Buytaert adds. “With smart software such as Sentinel you can
now automate many tasks. In this way, we do not have to provide
specialized technical training for our people.”
In the future, GO! will manage devices remotely
With identity and device management, the following security projects are
already in the pipeline. In the first instance, the ICT manager wants
to manage the GO! devices more efficiently. “Our current device
management software does not work well from a distance. Corona shows
that this is a problem. We would do better with Microsoft Endpoint
Manager, the next project in our pipeline with SecWise.”