This case study is based on a recent project we delivered for Lawrence Webster Forrest, who was looking for a managed security service for all their endpoint devices.
Many SMEs now have complex and multilevel information security needs, covering a range of devices from traditional desktop PCs and laptops, to smartphones, tablets, and employee devices used for work purposes (‘BYOD’). A managed security service covers all aspects of threat detection, incident response, security systems and protocols related to endpoint devices, helping customers protect sensitive data, prevent breaches, and protect their customers and staff.
Lawrence Webster Forrest (LWF) is a fire engineering consultancy, providing bespoke fire risk assessments and fire safety services to customers in the commercial and public sectors. The business was established in 1986, and in recent years has transitioned from a traditional office-based consultancy to a predominantly digital business, making use of various mobile devices, cloud platforms, and applications.
For businesses like Lawrence Webster Forrest to deliver a professional and creative remote solution to their customers, fast, reliable file sharing and stringent data security are paramount concerns. Like many companies, LWF was concerned about the limitations of traditional antivirus to provide the level of cyber security required in the modern workspace.
Traditional antivirus software relies on signature-based detection methods, which means they can only identify malicious files based on predefined patterns or ‘signatures’. This makes them effective against well-established and widely recognised malware, but many applications struggle to keep pace with all the emerging malware.
The customer was interested in an Endpoint Detection & Response (EDR) cyber security strategy, which, instead of scanning a device for known threats, is designed to investigate and mitigate any suspicious activity on endpoints such as desktops, laptops, servers, and mobile devices.
EDR applications monitor endpoint activity in real-time, helping identify any anomalous or potential security incidents, and facilitating a more rapid response to security threats than traditional antivirus. EDR applications also collect data on endpoint events, including file changes, process executions, and network connections, and use behavioural analysis to detect suspicious behaviour.
For digital-first businesses, EDR is a better way of identifying and responding to advanced cyber threats, including malware that may not have a known signature.
When combined with a Security Operations Centre (SOC) that continuously monitors network traffic, the customer would have a comprehensive cybersecurity strategy that safeguards the business at the level of the organisation’s digital assets.
The customer got in touch with TMB to install and set up a managed security service to improve protection against cyber threats, using a tailored EDR solution. The goal was to implement a proactive security solution, rather than wait for a device to be infected to take action.
Managed security services are ‘bread-and-butter’ projects for our team, and we were immediately able to implement a proven and standardised project plan and put engineers in place to ensure that all tasks were completed with the least disruption to the business.
The project included installing managed security services on all the customer endpoint devices. These included:
The project was delivered remotely, shortening the delivery cycle and minimising disruption for the customer.
The new managed security service gives considerably better protection for LWF’s data assets. Endpoint-level EDR solutions can detect and respond to threats that originate from laptops, desktops, and mobile devices themselves, providing more robust security than antivirus software alone. Through the SOC, enhanced reporting gives the customer greater visibility into endpoint activities, improving their understanding of cyber threats and the actions taken to mitigate them. Reporting also shows the value of the tool in threats avoided.
The customer now has peace of mind that their security protocols are adaptive to new threats and confidence that their data is secure. This provides a strong foundation to invest in protecting the business's reputation and expanding its services.
“The installation was very straightforward, TMB asked for all computers to be switched on – some users didn’t even notice the change. I like the comprehensive report, it shows how much we have been targeted. The reporting has made management and users more aware of the threats, it’s easy to see how powerful the software is and how much it is preventing. It’s key in this day and age as there are so many scams around, we are very pleased.”
To find out more about this project, our managed security services, and how we can support your business, please get in touch with the experienced TMB team today!
Image Source: Canva