Supporting Joyn Insurance in their early growth

Founded in mid-2020 during the height of the coronavirus pandemic, Joyn Insurance provides commercial insurance for small- and medium-sized companies in the US. Since its creation, the company has quickly expanded its coverage for the real estate, manufacturing, professional services, wholesale, retail and contractor industries in most of the states in the US.

Deep Microsoft expertise

“We knew from the very beginning that cyber security was going to be very important to us,” explains Joyn’s Co-founder and Chief Technology Officer Ed McGough. “We were specifically looking for an organisation that had deep knowledge and experience of the Microsoft toolset. We made the decision very early on that we were going with Microsoft tools 100%.”

Ed’s team met with three or four cyber security providers, all of which had different approaches. “Everybody we spoke to in Quorum Cyber was very knowledgeable,” says Ed. “What also appealed to us was that every tool we owned stayed within our environment, everything remained within our technology stack. We didn’t need to buy licences for other tools.“

“Furthermore, we felt that the company had exactly the right level of expertise that we required,” says Caroline Ettinger, Joyn’s Head of Business Insights and Tech Operations.

Complying with cyber security regulations from state to state

As Ed explains, meeting regulatory requirements is crucial: “Insurance is very heavily regulated in the US and companies need to meet state-specific cyber regulations in order to operate. We initially made sure that we met the requirements of the New York regulators, as they were one of the first to provide a mandate and remain one of the most stringent.”

Every year Joyn has to attest to the New York Department of Financial Services (NYDFS) that it fully complies with their regulations – and these become tighter as a company grows. Fortunately, if they can comply with New York State’s regulations then they are likely to meet the requirements of other states too.

While setting up the business with a small team they also realised that they needed assistance with all the detailed cyber security policies and procedures. “We asked Quorum Cyber for help and they conducted excellent work,” says Ed. “What we have from a policies and procedures perspective is better than I’ve seen at larger, older organisations.”

Monitoring and detection around the clock

Within a year of being established, Joyn agreed a three-year contract for the Managed Detection & Response (MDR) service, run by the Security Operations Centre (SOC) team and signed up for penetration testing.

“We knew we needed a 24×7 monitoring service and we didn’t have the size of team in-house to do this ourselves,” says Ed. “Despite the SOC being entirely based in the UK, this hasn’t affected the quality of the service. In fact, this has actually been an advantage because problems often happen at night,” explains Ed.

As Joyn operates across all US time zones and has team members and suppliers working from Europe and the Middle East, the location of the security team is irrelevant – time zones don’t matter in cyber security.

One call away from advice and guidance

“Whenever we’ve asked for advice on anything about cyber security, the team has always helped – and they haven’t used this as an opportunity to try to sell us any extra services, which is refreshing,” says Ed. “Cyber security is still one of my biggest worries. The amount of cybercriminal activity never ceases to amaze me and that does keep me awake at night. I don’t need to think about the monitoring of our IT as having the SOC team managing everything all the time really helps.”

While technology and data are two keys to Joyn’s impressive growth, the company prides itself on its people and its values as the pillars of its culture. Two of their values are transparency and trust, which Quorum Cyber has also built its business on since being established in Edinburgh, UK in 2016.

“The relationship with Quorum Cyber really feels like a partnership. We have a good relationship with the team. Everyone we’ve met has been delightful – they’ve made the team a real pleasure to work with.”