The Need for Change

Actively protecting data and information is now a crucial activity for all companies. Consolidating vendors and utilising the tools you already have is a key step toward achieving this goal and one that many protection programmes are lacking. This was the case for a Canadian consumer product distributor who had a desire to leverage a single vendor for design, deployment, and operations. The organisation’s existing solution was nearing the license renewal date, which created the urgency to act swiftly. In addition, the distributor was soon approaching regulatory and audit requirements that put intense timing pressures on itsteam.

Key Customer Challenge

Perhaps the biggest challenge the organisation faced, was its lack of budget for security. Quorum Cyber was able to overcome this challenge by leveraging integration and automation processes to reduce internal efforts and eliminate the need for headcount, post implementation. Integration with existing systems and automated processes were therefore a key priority for the customer.

Initial Customer Assessment

Following a Security Posture Assessment, Quorum Cyber assisted in the design, deployment, and management of several Microsoft tools, mainly Microsoft Purview – Information Protection and Governance (IP&G).

The company had already invested in the Microsoft E5 licensing so Quorum Cyber worked to leverage and maximize this investment to strengthen the foundation already laid.

The Quorum Cyber Solution

Quorum Cyber worked with the organsiation to design, deploy, and operationalise Microsoft Purview IP&G. To do this, the customer leveraged several Quorum Cyber delivery teams, including GRC Advisory professional services for policy and standard refinement, Microsoft Advisory services for Microsft 365 Purview control design and deployment, and our Security Operations services for 24x7x365 monitoring of information protection alerts.

Quorum Cyber worked closely with the company’s business units, including IT, IT Security and Privacy teams, to develop policies, procedures, and user training in advance of solution implementation.

Following deployment, the company’s people, processes, and technologies were successfully aligned with compliance requirements. Not only that, but these processes streamlined the company’s overall operations. Along with this, new strategic and tactical KPI reporting capabilities for the CISO and compliance manager were added.

All of these key implementations increased the ability to handle and control data both inside and outside of the organisation.

Resilient Ready

After the rollout was completed, the organisation faced an insider risk attack. With its new capabilities, the company was able to successfully leverage its tools for a forensic investigation, identify the attacker and make appropriate remediations.

• Key Wins Meeting of aggressive audit and license renewal timelines
• Expansion of capabilities within the customer’s existing Microsoft E5 licenses
• Consolidation of product/integration footprint, reducing total cost ownership
• Successfully overcame imminent insider risk attack.

To find out how we can help your business improve its cyber security posture and become resilient ready with Microsoft technologies, please contact us today.