Client
Elbe-Werkstätten offers vocational training and work opportunities in the Hamburg area to people who, due to a disability, cannot or cannot yet be employed on the general labor market. As one of the major players for the interests of people with disabilities, they actively support the inclusion process in society and are a reliable cooperation partner for their customers, among others in the business areas Packaging, Electrical and Assembly, Gastronomy or even Digitalization. The goal is the best possible qualification and integration in the world of work to enable more equal opportunities and professional participation. With around 3100 employees, Elbe-Werkstätten is one of the 20 largest employers in the Hamburg metropolitan region and a valued partner of companies, social institutions and public authorities
Challenge
Elbe-Werkstätten lives inclusion - also when it comes to using the IT infrastructure: All employees, participants and staff have access to the facility's PCs and can also research on the Internet or edit their e-mails at any time. Regular awareness training and e-learning courses are offered, as users include people with cognitive impairments, and there is therefore an increased security risk from an IT security perspective.
As a long-standing IT security service provider, Allgeier secion had already ensured solid basic protection by setting up virus scanners and firewalls, as well as by carrying out monthly pentests. In a joint security audit, further fields of action were identified that went beyond these exclusively preventive protective measures. The aim was to add a proactive security solution that is capable of detecting attack activities immediately after they have been compromised. The condition: it must be easy to use, affordable and implementable even with a small team.
Solution
Initially, Elbe-Werkstättem considered a SIEM solution and compared the offers of several providers on the market. However, the security information and event management tools proved to be too costly and personnel-intensive. Instead, Elbe-Werkstätten managers opted for the lean but effective Active Cyber Defense (ACD) service from their long-time security service provider Allgeier secion. The "Managed Detection and Response Service" (MDR) proactively and continuously analyzes the corporate network for anomalies. In the event that systems are compromised, Allgeier secion's ACD team immediately informs the customer and provides concrete recommendations for action to avert damage from the attackers. As an early warning system, the 24/7 service thus helps Elbe workshops to actively, proactively and permanently secure their own corporate network so that costly reactive measures can be avoided in the event of an attack.
Result
With the integration of proactive early attack detection, Elbe-Werkstätten were able to significantly increase the level of their IT security once again. The Active Cyber Defense (ACD) service monitors all networks around the clock for unusual activity. Immediately after implementation, conspicuous communication from an uninstalled antivirus program could already be identified and prevented. As a managed service for early attack detection, Allgeier secion's IT Security Service provides effective protection while requiring significantly fewer resources than alternative solutions such as SIEM tools.
"We wanted to make our IT security future-proof. That's why we decided to proactively implement all the requirements that, for example, the BSI specifies for this or that cyber insurance companies require when taking out policies. Our initial plan was to implement a SIEM. However, it quickly became apparent that this solution was too complex, too time-consuming, and too expensive for us. Instead, we opted for the 24/7 Active Cyber Defense (ACD) service. We have been working with Allgeier secion in the area of IT security for a long time. And here, too, it turned out to be a good decision to go down this path together. The setup was surprisingly quick and uncomplicated, with only two appointments of one and a half hours each. And we are also very satisfied with the result: ACD is a very, very good and successful solution for Elbe-Werkstätten to be able to guarantee good early attack detection with little personnel and financial effort."
Karsten Koschewski Head of IT and Logistics at Elbe-Werkstätten