Industry | Driver | Company Size |
Non-Profit | Greater Visibility & Stronger Security Posture | 100 |
The Challenge
The Girl Scouts of Southeastern Michigan needed a solution that would provide their small internal team with greater visibility across their environment while reducing reliance on their MSP.
The Solution
Within 36 hours of deploying Blumira, they gained immediate visibility and prevented a significant security incident.
I honestly believe that we are 10 times better compared to where we were when I joined GSSEM over two years ago. It's a huge improvement compared to some of the other tools and systems we've had.
IT Manager
Girl Scouts of Southeastern Michigan
Girl Scouts of Southeastern Michigan (GSSEM) is one of the 111 chartered councils of Girl Scouts of the USA, serving a vast region that includes the Detroit metropolitan area and eight counties in southeastern Michigan. GSSEM plays a pivotal role in shaping the experiences of thousands of scouts in its community.
The Challenge: Building a Stronger Security Posture
Paul Silvestri is the IT Manager for GSSEM and works as part of a two-person team. Silvestri is responsible for the day-to-day operations of all IT systems and managing the organization's IT vendors, including a Managed Service Provider (MSP). The MSP provides help desk services, server and workstation management, and server backup, while GSSEM handles IT security in-house. When Silvestri joined GSSEM, the team had a basic security posture but lacked a SIEM tool to complement their existing firewall and antivirus protections.
Given the small size of Silvestri’s IT team, GSSEM heavily relied on the MSP, which was very expensive as a result. The situation was further complicated by the MSP's rigid processes. Silvestri was unable to make changes or resolve issues without going through the MSP, which slowed down response times and limited the team's ability to adapt to new challenges.
"“We were handcuffed by our vendor. If I needed to make changes, I needed to put a ticket in with them. I couldn’t just do it [myself],” Silvestri said.
The Solution: In the Nick of Time
Silvestri set up Blumira’s Free SIEM, connecting the platform to their Microsoft 365 environment and saw immediate results. Within 36 hours, Blumira sent a finding that stopped a potentially major security breach. Early one morning, Silvestri received a notification that a forwarding rule had been created for a C-level employee’s email account. Silvestri immediately verified that the account had been compromised, and he took swift action.
Silvestri discovered a draft email in the employee’s mailbox, ready to be sent to every contact in their address book, requesting money with a fraudulent Venmo link. Thanks to Blumira’s early detection, Silvestri was able to change the password, lock the account, and prevent any emails from being sent—avoiding what could have been days of damage control and remediation.
“Had Blumira not been running, that email would have gone out and I would have had to spend days answering some very tough questions as to why their email was compromised. It would have been a nightmare,” Silvestri said.
Upon further investigation, Silvestri found that attackers had compromised the email account due to a weak password that had never been changed after the staff member joined GSSEM years earlier. This incident prompted a detailed review and update of security policies and underscored the value of Blumira’s proactive threat detection.
Taking Control of the IT Environment
In early 2023, GSSEM made a strategic decision to switch to a local MSP using a Co-Managed MSP model. This move provided several benefits, including cost savings, greater local control over the network and infrastructure, and the convenience of having the MSP just a phone call away. Previously, GSSEM had no direct access to manage firewalls, with all changes needing to go through the former MSP. With the switch to the Co-Managed model and the implementation of Blumira, Silvestri now has full confidence that the systems are being properly monitored.
This transition has brought significant changes to his day-to-day operations compared to the previous hands-off approach. Whether it’s ransomware or other threats, he trusts that Blumira will catch any issues before they escalate.“Blumira makes things easier for me because I have that single pane of glass in Blumira that basically tells me there are 565 million logs being reviewed. With Blumira there's peace of mind,” Silvestri said. “I'm able to see everything and make sure everything is up and running before my staff gets in to start their day.”
Silvestri has also noticed a significant improvement in employee productivity, reflected in the decrease in help desk tickets. Since transitioning to the co-managed model and implementing Blumira, he estimates a 60% reduction in support requests. This drop in help desk tickets and support emails has allowed staff to work more efficiently, boosting overall productivity with the enhanced technology in place.“I'm able to resolve [issues] faster than finding out about it and playing defense. I get an alert? I go right on offense. I deal with it instead of finding out several days later that something has happened. It's just made things so much smoother,” Silvestri said. “I can sleep a lot better at night knowing that things are more secure than they were before.”
GSSEM has also strengthened its security by rolling out extensive cybersecurity training for employees. This includes weekly micro-training sessions, quarterly vulnerability scans, and their first-ever penetration test. These efforts, along with deploying Blumira, have significantly improved the organization's security posture.
Streamlined Deployment with Comprehensive Support Resources
The deployment process was straightforward, with the detailed support documentation allowing Silvestri to complete the setup in less than an hour.
“[Deployment] was actually really simple. I literally just followed the steps in the support document for deploying it. It took me maybe less than an hour to do. It was very easy to do and the step-by-step was very detailed. I would highly recommend that first-time Blumira users utilize the support resources because I found them extremely helpful,” Silvestri said.
Silvestri frequently reviews the support docs to check for new integrations and values the clarity of the instructions for deploying and connecting to the cloud. The available documentation has been comprehensive, and having access to support from solution engineers and account executives has provided additional peace of mind in case any issues arise during the deployment process.
“Just being able to send an email or pick up the phone and call somebody and say, hey, I'm having this problem. I've spent three or four hours figuring it out, somebody's got the answer, and it's just, it's just so helpful,” Silvestri said.
Eric Pitt
Eric is a Product Marketing Manager at Blumira focusing on customer research and positioning to continuously improve the Blumira platform.
More from the blog
View All PostsCustomer Story: Mid-Sized Manufacturing Firm
Read MoreHow Manufacturers Can Secure Themselves Against Cyber Threats
Read MoreFour Cornerstones Of Cyber Resilience In Modern Manufacturing
Read MoreSubscribe to email updates
Stay up-to-date on what's happening at this blog and get additional content about the benefits of subscribing.