CASE STUDY # 1
Security Evaluation, Remediation, and Implementation
Client Industry: Banking
Client Environment: Microsoft 365 and Azure
The Problem/Opportunity
- Customer requested a security evaluation of their entire infrastructure and solution deployment.
- Customer also asked us to assess the potential damage of a security breach of a user’s account right before they requested the evaluation.
The WME Solution
- We identified what areas and data elements did the bad actors gain access to and provided recommendations on how to remove the security vulnerabilities.
- During this entire engagement, we identified all the IP addresses that were used by the bad actors to gain access to the client’s M365 environment and blacklisted them all.
- As a custom action, we turned Geo fencing on for all users. We also reported all the data areas that could have been accessed by the bad actors. We also prepared report on the categories of data they were interested in.
- Based on the results of that scan, we implemented all high-priority and critical recommendations as well as all low-impact recommendations.
- Due to the criticality of the matter, we completed the whole task in just two weeks rather than a typical four to six weeks.
- As a standard practice, we also shared metrics-based reports to describe the progress we were making daily.
- To ensure an uninterrupted environment, while we implemented efforts to solve client’s problem, we used an Agile type of daily call to review the last 24 hours’ progress and present to client what would be done in the next 24 hours.
Challenges We Faced & Solved
Challenge # 1:
The hardest challenge was to complete a highly sophisticated security scan and remediation task in just two weeks. Whereas such tasks typically take at least 4-6 weeks of tedious work.
Challenge # 2:
Another challenge was to satisfy the customer’s demand to monitor and get involved with the effort which we normally do by ourselves.
The Final Outcome
Finally, the customer was 100% satisfied with the results WME provided. We were able to move the customer’s Overall Compliance Score from 21% to 99%.