Data Trust, established in 2011, is a leading first party data company specializing in US voter information and electoral data. The company’s expertise lies in collecting, enriching, analyzing, and maintaining high-quality political data on a massive scale. With information on over 300 million individuals and more than 2,500 unique data points per person, Data Trust provides critical insights to various organizations involved in election campaigns across the United States.

The challenge

At the core of Data Trust’s operations is the critical task of protecting sensitive information. The company’s sophisticated data management systems safeguard not only publicly available data but also their proprietary insights and proven methodologies. This level of security is paramount, as a single data breach could severely undermine the trust of its clients and potentially tarnish the company’s reputation.

By leveraging its expansive data warehouse and robust IT infrastructure, Data Trust ensures the integrity and confidentiality of its vast data resources. This commitment to data protection and privacy is fundamental to maintaining the confidence of its clients and solidifying its position as a trusted partner in the political data landscape. Needless to say, confidence in Data Trust’s ability to manage sensitive information securely is crucial for both its business success and that of its clients. While the company primarily collects publicly available data, it must vigilantly protect its invaluable data insights and proven methodologies from theft or unauthorized access. Equally critical is safeguarding its IT infrastructure from potential compromises, including data breaches, cyberattacks, or system vulnerabilities. Any form of data compromise could not only jeopardize the company’s proprietary information but also undermine the confidence its clients place in its ability to handle sensitive political data securely.

While satisfied with its previous cybersecurity set-up, the rising frequency of cyberattacks on all industries in recent years, and escalating geopolitical tensions around the world, led Data Trust to seek a cybersecurity partner that could elevate its data security to the world-class level. As a Microsoft-first company, it needed a global cybersecurity specialist with deep Microsoft expertise that could provide tailored, flexible, and scalable services while ensuring maximum protection around the clock. Microsoft recommended Data Trust reach out to Quorum Cyber, a Microsoft Solutions Partner for Security, a member of the Microsoft Intelligent Security Association (MISA), and holder of all four Microsoft Security specializations, to its shortlist of potential service providers.

“We wanted a company that wasn’t just aware of Microsoft’s services, but truly an expert in them – whether it’s Sentinel or Microsoft’s operations in general,” says Bill Dunne, Data Trust’s Chief Operating Officer. “This expertise was crucial because everything we do is natively Microsoft-based. Every device we use is Windows-based, and we host all our core assets in Azure. Although we have data in a few other clouds for marketing purposes, the core assets live in Azure and Microsoft. Therefore, it was essential for us that the firm we partnered with had a strong background in Microsoft services.”

Vote of confidence for comprehensive security

“What put Quorum Cyber ahead of the field was the feel we got for the team,” says Bill. He was particularly impressed that Federico Charosky, Quorum Cyber’s Chief Executive Officer, attended the first meeting. And Data Trust’s technical team verified that the cyber security specialist’s experts had the skills, knowledge, and certifications required to master Microsoft’s security stack.

“Overall, we felt like we had a great rapport with Quorum Cyber’s team, and we were confident they could protect us 24/7, 365 days a year,” adds Bill. “They took the time to ask about our specific challenges and listened to us.”

Another major benefit was that an Incident Response service was included as standard, so that if an adversary should breach the company’s systems, Quorum Cyber’s qualified and highly experienced incident responders would rapidly investigate the emergency, day or night.

“The in-house incident response capability was a standout feature for us,” explains Bill. “We really appreciated that it was included within the service and not hidden behind a paywall. Knowing that resources would be available immediately if anything slipped through or if we faced any issues gave us great peace of mind. This showed they had ‘skin in the game’ because by stopping threats in the first place, they wouldn’t need to expend resources on incident response. This demonstrated a true partnership rather than just a managed service, which was a significant point of our discussions.”

Furthermore, with Quorum Cyber, cybersecurity isn’t just a business transaction, it’s a partnership and a collaboration to continuously fortify cyber resilience and reduce cyber risk. With this approach, organisations can focus on their goals without worrying about cyberattacks.

Threat-led managed detection and response 

Data Trust opted for a security maturity assessment (SMA) to start so that Quorum Cyber’s team could review the firm’s current security posture and understand what it needed to do to strengthen it in the short, medium, and long term. In addition to the SMA, Data Trust opted for Quorum Cyber’s managed detection and response service, Clarity Extend. This service incorporates advanced threat intelligence and proactive threat hunting capabilities, designed to identify and mitigate potential threat actors. To further reduce risk, Data Trust added pentesting, plus an annual cybersecurity audit to ensure good governance. Early in the partnership, Quorum Cyber’s Threat Intelligence (TI) team conducted an in-depth assessment of the specific threats Data Trust might face. This evaluation provided the company with critical visibility into the threat landscape most relevant to its operations, enabling a proactive approach to mitigating risks.

Data Trust’s team has total transparency of the company’s security via Clarity, Quorum Cyber’s customer platform, which Bill believes is an added advantage of the service. “We’ve been able to see the workflow play out successfully, and we have clear insight into the logging of day-to-day activities because the platform is clean and easy to use. It’s so intuitive that I’ve been able to pass it to a member of the team, who manages it daily, but I can still access and review it whenever needed. We feel confident in the platform’s accurate reporting of what’s happening in our systems and databases.”

Peace of mind

“Throughout the process, I felt relieved and reassured by the rapport we established,” Bill explains. “One member of the Quorum Cyber team was local, and meeting in person helped build comfort and trust. Moreover, the support from the team, who would be managing this on a 24/7 basis, gave me confidence that our data was in capable hands.

“Quorum Cyber is the most important layer of our active security,” concludes Bill. “We certainly have cyber peace of mind.”