Multilayer security against advanced threats

A security stack expanded with WithSecure solutions improved Teosto's visibility and response speed.


Case study: Teosto

Changes in its IT infrastructure and environment prompted Teosto to look for capabilities against more sophisticated threats. The company now has a full-range, unified cloud-based security solution with detection and response, vulnerability management and endpoint protection capabilities.

Striving for real-time situational awareness

Founded in 1928, Teosto is a music copyright organization in Finland. Teosto collects royalties from music license users, such as concert planners and radio stations, and pays those royalties to composers, arrangers, lyricists, and publishers. Teosto works to ensure that music creators can focus on what really matters to them: making new music.

Teosto’s operational model mirrors private banking services, as it handles and manages artists’ copyrights. Because the software systems it needs are difficult to find out-of-the-box on the market, Teosto has developed most of its operational software in-house. Protecting the sensitive personal and financial customer information handled by these systems is crucial. Many of Teosto’s customers are celebrities and other public figures.

Over the past few years, Teosto’s IT infrastructure has undergone major changes. Technological developments such as increasing use of cloud services have added complexities to the IT environment. Growing numbers of vulnerabilities and threats combined with amplified complexities have increased the workload for Teosto's IT and Security Manager Harri Ahokas and his “one-man SOC” (security operations center): "In today’s world you have to do more – and do it faster. You can’t fix this simply by doing more manually, you need to be able to use automation in different ways.”

"Our objectives were good vulnerability management processes with continuous situational awareness and real-time understanding of the environment."

- Harri Ahokas, IT and Security Manager

As the IT environment grew more complex, Teosto needed to gain a better understanding of its infrastructure, architecture, and attack surface, ideally without added workload. According to Ahokas, not knowing what was happening in the company environment was a significant risk.

“Things happen fast. Without an extensive understanding of the infrastructure and attack surface, and without fine-tuned vulnerability management processes, the risk level would be too high for us,” he says. "Our objectives were good vulnerability management processes with continuous situational awareness and real-time understanding of the IT environment.”

New capabilities from a long-time cyber security partner

Teosto already had an on-premises endpoint protection solution, Business Suite from WithSecure. Ahokas was happy with the solution, cooperation, and support services. Convinced by his past experiences, he decided to test endpoint detection and response (EDR) and vulnerability management (VM) solutions from the same vendor.

Teosto didn’t have behavioral analytics or the means to detect advanced attacks. After testing WithSecure Elements Endpoint Detection and Response, Ahokas says Teosto decided to purchase the solution for its capability to detect behavioral anomalies and respond to advanced attacks. WithSecure Elements EDR's efficient user interface also offered Ahokas a streamlined way to drill down to events.

"WithSecure Elements EDR has a good user interface, and it provides a streamlined way to drill down events."

- Harri Ahokas, IT and Security Manager

Teosto had previously arranged for vulnerability scanning to be done annually as a service, which Ahokas says is no longer sufficient. With the world of threats and vulnerabilities fast evolving, situational understanding and a current snapshot of the environment are needed daily, he asserts. Continuous vulnerability management, high performance, cost efficiency, and cloud-native architecture were deciding factors for Teosto.

"It is important to get a frequently updated snapshot and understanding of the situation every day, not only once per year. The world is changing fast when it comes to threats and vulnerabilities."

- Harri Ahokas, IT and Security Manager

As Teosto added new security layers, the company also updated its on-premises endpoint security solution, WithSecure Business Suite, to the cloud-based WithSecure Elements Endpoint Protection. The new endpoint protection solution bolstered Teosto’s behavior-based threat prevention. The transition to the new endpoint protection solution was smooth and straightforward, taking less than a day to implement to Teosto's environment of a hundred endpoints.

Ahokas says the deployment of Teosto’s new stack of security solutions was quick and painless overall.

Teosto’s requirements and selection criteria:

  • Situational awareness of IT environment and attack surface
  • Behavioral threat analysis
  • Continuous vulnerability management
  • Architecturally unified cloud-based solution
  • Smooth cooperation and solid partnership with the vendor

Warding off threats with multiple security layers

According to Ahokas, in today's complex threat landscape, a versatile cyber security solution stack containing multiple protection layers is important. More controls in place to slow down the attacker means more time to notice anomalies, increasing the chance of detecting the attacker, he says.

With its new WithSecure solution stack, Teosto has enjoyed significant cyber risk management benefits. For example, vulnerability reports can be produced whenever needed. Ahokas says WithSecure Elements Vulnerability Management has added flexibility, speed and cost efficiency to Teosto's operations.

"WithSecure Elements Vulnerability Management has added flexibility, speed and cost-efficiency to our operations."

- Harri Ahokas, IT and Security Manager

With WithSecure Elements Endpoint Detection and Response, Teosto now has a better understanding of what is going on at its endpoints. The solution produces useful data and presents it in a clear format that makes monitoring complex chains of events efficient. Ahokas praises the solution for its ease of use, especially compared to many other solutions that require considerable expertise to use effectively.

“WithSecure Elements EDR has been designed to be as convenient and easy to use as possible," he says.

According to Ahokas, no number of technological solutions alone will guarantee success in the cyber security battle, as the most challenging attack vector is still people. User trainings and regular communications about cyber security are high priorities at Teosto.

Ahokas emphasizes the importance of security knowledge and expertise to gain an understanding of security goals and problems to be solved. “Cyber security isn’t just the technologies. You need expertise – whether in-house or outsourced from a partner,” he says.

Teosto’s cyber security architecture is now well-aligned and unified. All its endpoint protection solutions are cloud-based and acquired from a single vendor, making maintenance effortless and efficient. With Teosto’s latest investments in IT architecture and cyber security, there are no imminent changes in sight, says Ahokas, “We are now focused on maintenance and responding to changes if needed."


  • Real-time situational awareness
  • Flexibility, speed and cost-efficiency
  • Protection against advanced threats
  • Fortified protection with multiple security layers
  • Continuity to a long-lasting partnership
"Several controls slow down the attacker and increase your chances of detection. There’s more time to notice anomalies."

- Harri Ahokas, IT and Security Manager

Related products

WithSecure™ Elements Endpoint Detection and Response

Monitor your IT environment status and security, detect targeted attacks swiftly, and respond with contextual visibility and automation.

Learn more about the solution

WithSecure™ Elements Vulnerability Management

Easy-to-deploy scanner for your whole network and all its assets. WithSecure Elements Vulnerability Management scans the deep web, fights brand exploit and reduces your total costs.

Learn more about the solution


  • Teosto Ry
  • Products and services

  • WithSecure™ Elements Endpoint Detection and Response WithSecure™ Elements Vulnerability Management WithSecure™ Elements Endpoint Protection
  • Industry

  • Non-profit
  • Country

  • Finland
  • Music is power

  • Teosto is a copyright organization for music creators, composers, and publishers. Teosto works to ensure that music creators can make music as a profession, and that music customers have easy ways to avail themselves of the many benefits of music. Teosto collects copyright royalties from music users and pays them to composers, arrangers, lyricists, and publishers, so that they can create more music. Key figures: 35 000 domestic clients, music creators and publishers, and about 30 000 music users Founded in 1928 72 employees, 770 members 72,1 million of royalties in 2019

Short description

Download customer case PDF

Speak to the team

Manage your cyber security through a single pane of glass..

We process the personal data you share with us in accordance with our Corporate Business Privacy Policy.