Overview
Overcoming security challenges with a managed service
With prestigious corporate investors and banking partners, this independent global asset manager has a responsibility to provide exceptional data and network security.
It reduced the risks to its business and aligned with the requirements of financial regulators by subscribing to Redscan’s award-winning Managed Detection and Response service.
The Challenge
Summary
- Need to protect high-value assets
- Reputational repercussions if breached
- No visibility beyond the perimeter
- Growing regulatory pressures
All businesses in the financial services industry need robust IT security, and this organisation is no exception. The organisation manages assets for a wide range of clients and is keenly aware of its responsibility to protect all related information.
Critically, the firm also needs to ensure that there are no weaknesses in its own network that might be exploited by hackers as a means of infiltrating the networks of its many financial partners. The Head of IT Infrastructure says: “If hackers were to see us as an easy target, they might try to use us as a back door into the systems of our counterparties, and this would cause immeasurable damage to our reputation.”
The organisation had antivirus software and firewalls, which provided an essential first line of defence. However, if hackers or malware were to penetrate these barriers, it had no means of monitoring its IT infrastructure to detect unauthorised activity on its network. The Head of IT Infrastructure says, “There were times when we noticed PCs acting oddly, even when our antivirus software gave them the all-clear.” The organisation therefore decided to implement proactive network monitoring to improve its IT security and reduce the risks to its business.
The organisation was comfortable that it complied with the IT security standards set out by the Financial Conduct Authority (FCA) in the UK, and other similar regulatory bodies around the world, but it anticipated that these industry requirements would soon become more stringent.
The Solution
Summary
- Reduced load on in-house team
- Enhanced visibility
- Comprehensive security insight
The small IT team was familiar with Intrusion Detection Systems (IDS), however, as The Head of IT Infrastructure explains, such solutions “generate a huge amount of reporting data, which no one person can monitor.” He estimated that he would need to employ “a dedicated team of at least 2-3 extra people to make an in-house IDS work,” which was cost prohibitive to the business.
Then, he discovered the subscription-based Managed Detection and Response service from Redscan. Qualified security experts from Redscan monitor IDS alerts 24/7 and provide a comprehensive system information and event management (SIEM) service.