Privately owned, the Houston-headquartered business has ambitions to grow in the U.S. healthcare, automotive, aerospace, chemical and upstream energy sectors and extend its footprint across North America, Europe, Asia, Australasia and Africa. Safeguarding its customers’ data is essential to achieving its international expansion plans.

Customers demand world-class security

“Our customers are increasingly asking us detailed questions about our security, including disaster recovery and how we’ll respond to severe incidents. We must confidently reassure them that we have enterprise-grade protection in place,” explains Daniel Iturbe, VP of infrastructure, security & compliance at MCi.

“To achieve this, we have implemented rigorous security protocols and business continuity and recovery plans that ensure the safety and confidentiality of our customer’s data. Our team of experts is continuously monitoring and updating these measures to stay ahead of potential threats, Iturbe says.

“We understand that our customers trust us with their sensitive information, and we take that responsibility very seriously. Rest assured, our commitment to providing top-notch security measures is unwavering, and we are always ready to respond swiftly and effectively in any security incident,” he says.

After completing a comprehensive program of preparation internally, MCi was ready to find a cyber security partner to provide a security operations center (SOC) that would match their business needs and meet the high standards of cybersecurity demanded by their customers worldwide.

MCi searched Quorum Cyber online, and a local Microsoft representative assured them they were worth talking to. Founded in 1989, MCi is predominantly in the cloud, and its cloud hosting is 100% provided by Azure. Hence, being a Microsoft-only house and a Microsoft Solutions Partner for Security, Quorum Cyber seemed like a good candidate. However, there were many other companies to assess as well.

Five essential criteria for a long-term partner

MCi took a diligent approach in selecting a long-term cybersecurity partner. They conducted an exhaustive Request for Proposal (RFP) discovery and execution phase over five months. During this time, they carefully evaluated over ten cybersecurity companies and thoroughly assessed their service offerings. Price was not the only determining factor, and the companies were assessed based on several essential criteria:

1. Vendor qualifications: Experience, expertise and financial stability.
2. Technology and tools: A vital matrix component consisted of selecting a SOC company focusing only on Microsoft Azure Security Stack and Azure toolsets.
3. Service Level Agreements (SLAs): Response times, escalation procedures, and reporting capabilities needed to comply with MCi contractual and compliance requirements.
4. Flexibility and customization: The ability to tailor and customize services to meet MCi annual reports and audits for MCi customers.
5. Security and compliance: SOC requirements to have Microsoft and industry-accepted certifications and accreditations.
6. Cost and value: SOC’s pricing structure, schedule, add-on services, and overall were collectively categorized and analyzed independently.
7. Reputation and references: The SOC’s reputation in the industry and references from current and past customers were scored using an internal MCi review process.

After evaluating all proposals, MCi trusted Quorum Cyber as their long-term cybersecurity partner. This decision was made after considering the added complexity of working with multiple vendors and that Quorum Cyber met all their requirements, including their need for an experienced and reputable Microsoft partner with a complete set of security competencies, certifications, advanced SIEM services, and strong customer support.

A true partner that lives and breathes cybersecurity

“I strongly believed that we needed a partner dedicated solely to the Microsoft ecosystem, who deeply understood cybersecurity and could fully support our Security Operation Center’s needs. We wanted a partner who would invest the time to comprehend our cloud infrastructure, unique business model, and even our customers and be part of our growth journey and continued success,” says Iturbe.

Moreover, MCi needed an expert in Microsoft Sentinel, Azure, and cloud computing that can proactively detect and defend against zero-day attacks and possess strong automation skills to improve efficiency and reduce the risk associated with cyber incidents. The ideal partner should also have experience working within a single, integrated security ecosystem.

After onboarding MCi onto their SOC in early 2022, MCi is confident that Quorum Cyber, whose SOC team runs the Microsoft Sentinel Managed Detection & Response (MDR) service, has already helped to improve its cybersecurity posture and security scores significantly.

“I am thoroughly impressed by the exceptional customer service provided by Quorum Cyber. Their attention to detail, quick response time, and efficient triaging of information by their SOC is outstanding,” says Iturbe.

Iturbe continues, “The single-pane-of-glass view offered by their customer portal, Clarity, has been an invaluable asset to my team. This enables us to access all the necessary information from one dashboard easily. Quorum Cyber’s technical expertise and account management skills are second to none, and their professionalism is truly commendable. They maintain continuous communication with their customers and offer top-notch customer support, a rare quality in today’s business world.”

Iturbe says, “Overall, Quorum Cyber is a fantastic extension of our organization and a true partner. Their unwavering commitment to excellence is reflected in every aspect of their services, making them a top-class provider in the cyber security industry.”

Peace of mind around the clock

“We couldn’t get the security and visibility of the SOC by recruiting more people to cover the same things in-house,” concludes Iturbe. “In a nutshell, MCi has been able to catapult our cybersecurity posture to an enterprise-grade level, thanks to the mutual partnership in working towards the same goals.”

The post MCi Protects Its Customers Worldwide With Quorum Cyber’s Enterprise-Grade Cybersecurity appeared first on My TechDecisions.

Attacking and compromising a managed service provider – which provides IT services to many organizations – can yield a much bigger reward for a threat actor than attacking just one specific company. In fact, several large-scale cyberattacks in the past have targeted service providers that, depending on their size, hold the keys to the networks of hundreds or thousands of organizations.

Due to the network and privileged access MSPs have, they are becoming a much larger target for sophisticated threat actors to gain initial access, with attacks seeking initial access via MSPs expected to increase, according to a new CISA advisory.

Along with the U.S., these attacks are expected to increase in the UK, Australia, Canada and New Zealand. A successful compromise of an MSP could result in a wide range of follow-on attacks against both the provider and across their customer base.

For both MSPs and their customers, CISA’s advisory urges them to take steps to prevent initial compromise, including hardening remote access VPN solutions, scanning and patching for vulnerabilities, protecting internet-facing services, defending against brute force and password spraying attacks and taking steps to combat phishing attacks.

However, customers of MSPs are advised to take further steps to make sure their service providers are taking precautions themselves.

According to the advisory, customers should enable monitoring and logging of their systems, but also ensure that their contracts with MSPs require them to implement comprehensive security event management, provide visibility of logging activities and notify the customer of confirmed or suspected security events occurring on the provider’s systems.

CISA also highlights the importance of multi-factor authentication, urging customers to ensure that MFA is implemented on all of the products and service they receive from their MSP, in addition to implementing the protocol on all MSP accounts used to access customer networks.

In addition to applying network security controls to reduce the impact of a compromise across the organization, organizations should ensure that the networks used for MSP access are segregated from the rest of the networks.

CISA’s guidance also calls for the application of the principle of least privilege, urging organizations to ensure that the MSP applies the principle to both provider and customer network environments.

Organizations working with MSPs should also disable MSP accounts that are no longer managing their infrastructure, including disabling user accounts when someone leaves either organization.

The relationship with MSPs should also include transparency around software update policies and patching vulnerabilities. Customers should understand their MSPs policy on software updates and request that those updates are delivered quickly and as an ongoing service.

The guidance from CISA also spells out what kind of system backups MSPs should provide to customers, as well as the importance of incident response and recovery plans built into the contracts.

Customers should also set clear network security expectations with their service providers and understand the risk that comes with granting network access to an MSP, and ensure that MSP accounts are not assigned to internal administrator groups.

“As this joint advisory makes clear, malicious cyber actors continue to target managed service providers, which can significantly increase downstream risk to the businesses and organizations they support – why it’s critical that MSPs and their customers take action to protect their networks,” said CISA Director Jen Easterly. “Securing MSPs are critical to our collective cyber defense, and CISA and our interagency and international partners are committed to hardening their security and improving the resilience of our global supply chain.”

The post Is Your IT Department Augmented by an MSP? Take These Cybersecurity Steps Now. appeared first on My TechDecisions.