Building a strong security foundation

When he joined The Macomb Group in 2020, Cecil didn’t have an official security purview. However, when the existing endpoint protection solution didn’t prevent a malware breach, further investigation revealed that the solution’s overcomplicated management and configuration process had left endpoints unprotected.

"Trying to configure it was difficult without going and sitting through a long course to learn about it, and early on in a job like this, I don’t have time to sit around learning things like that. I need things that are simple to configure and do what they’re advertised to do so I can get on with my job."

- Daniel Cecil, System Network and Security Administrator 

Cecil had used WithSecure Endpoint Protection at a previous company and proposed a rip-and-replace, knowing he could have it up and running within a month because it’s “simple and easy to configure”. Once the Endpoint Protection solution was in place, Cecil began building out a stronger security foundation for The Macomb Group.

In June 2022, Cecil conducted a security audit based on the NIST Cybersecurity Framework which revealed a need for Endpoint Detection and Response, a capability Cecil added via the WithSecure Elements platform. The audit also provided a vulnerability management assessment, the results of which were sent via a daunting 5,000-page PDF and accompanying spreadsheet to prioritize issues and track resolution action. 

Simplifying cyber security

While painstakingly acting upon the critical issues identified in the vulnerability management assessment, Cecil knew he needed a better solution if he was going to resolve the gaps in a timely manner. What he didn’t know was that WithSecure had what he was looking for. Cecil started a trial of WithSecure Elements Vulnerability Management, during which he was able to confirm that the work he was doing with the existing product was actively resolving the identified vulnerabilities.

The original solution was supposed to scan everything, but by checking his progress using WithSecure Elements Vulnerability Management, Cecil discovered it only scanned 1 out of 9 IP computers according to the report. While it picked up a lot of printer vulnerabilities, Cecil was more concerned about identifying software vulnerabilities, which WithSecure identified. 

"We fixed more vulnerabilities through WithSecure Elements Vulnerability Management than what we did with the other product and it’s 5,000 odd-page report. The other product just didn’t do what it said it was going to do. It was a no-brainer to go with your product. The dashboard is great; I can go click and get what I need and the information is there and tells me how to resolve things."

- Daniel Cecil, System Network and Security Administrator 

Since The Macomb Group has added both WithSecure Elements Endpoint Detection and Response and WithSecure Elements Vulnerability Management to their security stack, Cecil is able to easily report on their security posture with holistic visibility through the WithSecure Elements Security Center. Key metrics include uptime and the number of critical incidents such as malware installation attempts which get blocked. Cecil also focuses on reporting security improvements month over month, such as the number of vulnerabilities that have been remediated and security updates that have been installed.

“WithSecure has a good way of displaying this information graphically, which is really nice to send to my boss rather than pages of text in a report every month which he doesn’t really want to read.”

One of his newer employees has also assumed more responsibility of the platform, of which Cecil remarks “he’s learned it himself with very few questions and he’s running with it. It’s good for old guys like me, and it’s a really good product for first-year helpdesk guys like him." 

Scaling for the future

The NIST audit is serving as the north star for Cecil as he continues to enhance the security posture and document the processes for The Macomb Group. Cecil absolutely sees WithSecure Elements scaling with the business as it grows and new security requirements emerge for the distribution industry, knowing there are more products and services WithSecure offers.