Info Security: Preventing Cyber Vulnerabilities

Through multiple acquisitions, a global e-commerce company found itself with an unmanaged information security landscape, creating large scale vulnerabilities for the company and its customers’ private data.

CHALLENGE

After eight years of unconfigured and unmanaged data, the company had lost control of not only data storage practices, but access to and the ability to act upon this data coming from a multitude of different security tools, putting it at risk of future breaches. The company was spending 65% of their time solely on vulnerability containment and remediation, leaving little time and resources for detection and prevention.

To solve this issue the company sought help from RedCloud to create a clear and full picture of their information security landscape, from which they could ensure vulnerabilities were not only identified and contained, but mitigated prior to impact. Ultimately the goal was to reduce the risk of security breaches and their cascading business impacts.

SOLUTION

RedCloud began with an in-depth audit of the numerous security platforms across the company from which data was being pulled and stored, as well as the existing Security Information and Event Management (SIEM) software being used to provide real-time analysis of security alerts. The audit exposed that the company’s data quality was subpar, so RedCloud set out to clean existing data sets and prepare it for migration to a common data storage platform from which realtime reporting dashboards were built.

In parallel, RedCloud developed processes for hardening the company’s security surface area including networks, code, applications, and third-party tools – documenting steps along the way to create new comprehensive data dictionaries and playbooks.

Finding that all security data was stored locally, RedCloud then developed and implemented a transition plan for moving all of the company’s security data to a leading hosted solution in order to assure redundancy and reliability.

RESULTS

Through the process of bringing clarity and consistency to all of the data sources, RedCloud helped the client to secure their customer data, have a true, real-time picture of its security landscape, and ultimately prevent the loss of customer, financial, human resources data, as well as protect critical infrastructure. With data now stored securely in the cloud, the company ensured access to and redundancy of this critical piece to operations, building trust with partners and customers to enable ongoing business success.

”[RedCloud is] incredibly knowledgeable in their field and are able to communicate various levels of information across the resource spectrum, from SVP down through the execution level.. It’s always a pleasure to work with people who have mastered their craft”
-Client Security Product Manager