ANNOUNCEMENT ⢠Check out our new AI & DATA SolutionsGO! gains the equivalent of half an FTE with new Microsoft security application
Eighteen months ago, GO! â the Department of Education for the Flemish Community â became the victim of several digital hacking attempts, with software for virtual desktops targeted in particular. For ICT manager Jan Buytaert, this wasnât just the final straw to accelerate the migration to Microsoft Azure and Microsoft Office 365, it was also an added incentive to get a stronger grip on cyber security. Cyber security specialist Secwise advised GO! to add the Microsoft 365 Defender security suite to its migration plans.
What are the key take-aways?
- GO! boosts cyber security with Microsoft 365 Defender
- Automatic phishing control on laptops saves the equivalent of half an FTE
- Azure Sentinel monitors cyber security, partially automated
Remarkable numbers
- 400: mailboxes scanned for malware and spam in the central departments
- 2: GO! is aiming to work fully in the cloud within two years
- 3: applications from the security suite already activated by GO!
âTight security is an absolute must,â says ICT Manager Jan Buytaert. âWe had a number of cyber incidents at the start of the year which had an impact on our operations and convinced our directors to identify and then secure our vulnerabilities. We appointed Secwise to carry out a security audit for us in the context of our existing framework contract.â
Microsoft 365 Defender
Secwise translated the 20-step audit into a roadmap with a whole series of recommendations. âIn the past, it was sufficient to just have a firewall and antivirus software, but you simply canât rely solely on those products anymore,â says Koen Jacobs from Secwise. âGO! wanted to scale back its own data centre in favour of the cloud â and switch over to Microsoft technology in particular â so we recommended extending their licence to A5, which also includes the Microsoft 365 Defender security suite.
GO! can now use this suite to secure its laptops, protect its email application from spam, and keep its new cloud environment free of malware. âPeople often think that the cloud is already secure, but youâre still always responsible for what happens on their â albeit secure â platform. Itâs up to you to ensure that the applications which run on it are secure,â says Buytaert.
The Department of Education for the Flemish Community made a conscious decision in favour of Microsoft. âAs an IT department, weâre already a good customer â we use their software for our development processes. We also work with Microsoft Office 365 and Microsoft Azure already, and now we can plug Microsoft 365 Defender 100% into existing applications such as Teams and Outlook, too. So we can warn others about potentially harmful emails or spam with just a single click. Itâs mainly from a user perspective that we decided to switch over to Microsoft,â explains Buytaert.
Before April, it could take us almost a full day to analyse phishing attempts. Now Defender ATP stops them automatically, which saves us the equivalent of half an FTE.
â Jan Buytaert, ICT Manager van GO!
Virus scanner on 400 laptops combats phishing, among other things
The first step in the new security strategy was to add Microsoft Defender Advanced Threat Protection (ATP) to the Windows 10 devices at GO! This project started just before the coronavirus lockdown and will be completed by the end of 2020. GO! already scans its 400 employeesâ mailboxes in the central departments for spam and malware, as Buytaert is well aware: âBefore April, it could take almost a full day to determine if certain emails were phishing attempts or not. But now Defender ATP stops them automatically, which saves the team the equivalent of half an FTE.â
You can create grand strategies to shape your security, but Secwise takes decisive action very quickly, which makes them more cost-effi- cient than others.
Smarter with Azure Sentinel
In order to increase the visibility in their network and gain a better insight into cyber security, Secwise also activated Azure Sentinel â security incident & event management software that the security team uses to inspect and tackle every cyber incident. Jacobs: âWe want to be able to monitor the servers better and send all âsecurity logsâ from each application to Azure Sentinel, automatically filtering them and taking action if required. Sentinel automatically quarantines harmful files. Thereâs also a machine learning component, which helps us identify false positives.â
âWeâre a small team but need to deliver the same services as a large IT department,â adds Buytaert. âYou can automate lots of tasks with smart software such as Sentinel, so we donât need to provide specialist technical training for our people.â
GO! wants to manage devices remotely in future
Together with identity and device management, there are other security projects also underway already. The ICT manager wants to start by managing the GO! devices more efficiently. âOur current device management software doesnât work remotely, and the coronavirus epidemic has highlighted this as a problem. We can tackle it better with Microsoft Endpoint Manager, but weâre also thinking about purchasing security managed services so that we have an expert to help keep an eye on our security.â
The ICT manager is once again looking to Secwise. âTheyâre definitely not the first security partner weâve had here, but my colleagues are very happy with their transparency, pragmatism and specific information. You can write entire books and make theoretical models about security, but Secwise takes decisive action very quickly. They keep a good overview of the situation and translate it immediately into products and tools, which makes them more cost-efficient than others. We work together very well, from devising strategies to specific implementation.â
