Customer Story: Girl Scouts of Southeastern Michigan

Industry	Driver	Company Size
Non-Profit	Greater Visibility & Stronger Security Posture	100

The Challenge

The Girl Scouts of Southeastern Michigan needed a solution that would provide their small internal team with greater visibility across their environment while reducing reliance on their MSP.

The Solution

Within 36 hours of deploying Blumira, they gained immediate visibility and prevented a significant security incident.

I honestly believe that we are 10 times better compared to where we were when I joined GSSEM over two years ago. It's a huge improvement compared to some of the other tools and systems we've had.

Girl Scouts of Southeastern Michigan

Girl Scouts of Southeastern Michigan (GSSEM) is one of the 111 chartered councils of Girl Scouts of the USA, serving a vast region that includes the Detroit metropolitan area and eight counties in southeastern Michigan. GSSEM plays a pivotal role in shaping the experiences of thousands of scouts in its community.

The Challenge: Building a Stronger Security Posture

Paul Silvestri is the IT Manager for GSSEM and works as part of a two-person team. Silvestri is responsible for the day-to-day operations of all IT systems and managing the organization's IT vendors, including a Managed Service Provider (MSP). The MSP provides help desk services, server and workstation management, and server backup, while GSSEM handles IT security in-house. When Silvestri joined GSSEM, the team had a basic security posture but lacked a SIEM tool to complement their existing firewall and antivirus protections.

Given the small size of Silvestri’s IT team, GSSEM heavily relied on the MSP, which was very expensive as a result. The situation was further complicated by the MSP's rigid processes. Silvestri was unable to make changes or resolve issues without going through the MSP, which slowed down response times and limited the team's ability to adapt to new challenges.

"“We were handcuffed by our vendor. If I needed to make changes, I needed to put a ticket in with them. I couldn’t just do it [myself],” Silvestri said.

The Solution: In the Nick of Time

Silvestri set up Blumira’s Free SIEM, connecting the platform to their Microsoft 365 environment and saw immediate results. Within 36 hours, Blumira sent a finding that stopped a potentially major security breach. Early one morning, Silvestri received a notification that a forwarding rule had been created for a C-level employee’s email account. Silvestri immediately verified that the account had been compromised, and he took swift action.

Silvestri discovered a draft email in the employee’s mailbox, ready to be sent to every contact in their address book, requesting money with a fraudulent Venmo link. Thanks to Blumira’s early detection, Silvestri was able to change the password, lock the account, and prevent any emails from being sent—avoiding what could have been days of damage control and remediation. 

“Had Blumira not been running, that email would have gone out and I would have had to spend days answering some very tough questions as to why their email was compromised. It would have been a nightmare,” Silvestri said.

Upon further investigation, Silvestri found that attackers had compromised the email account due to a weak password that had never been changed after the staff member joined GSSEM years earlier. This incident prompted a detailed review and update of security policies and underscored the value of Blumira’s proactive threat detection.

Taking Control of the IT Environment

In early 2023, GSSEM made a strategic decision to switch to a local MSP using a Co-Managed MSP model. This move provided several benefits, including cost savings, greater local control over the network and infrastructure, and the convenience of having the MSP just a phone call away. Previously, GSSEM had no direct access to manage firewalls, with all changes needing to go through the former MSP. With the switch to the Co-Managed model and the implementation of Blumira, Silvestri now has full confidence that the systems are being properly monitored.

“Blumira makes things easier for me because I have that single pane of glass in Blumira that basically tells me there are 565 million logs being reviewed. With Blumira there's peace of mind,” Silvestri said. “I'm able to see everything and make sure everything is up and running before my staff gets in to start their day.”

This transition has brought significant changes to his day-to-day operations compared to the previous hands-off approach. Whether it’s ransomware or other threats, he trusts that Blumira will catch any issues before they escalate. 

“I'm able to resolve [issues] faster than finding out about it and playing defense. I get an alert? I go right on offense. I deal with it instead of finding out several days later that something has happened. It's just made things so much smoother,” Silvestri said. “I can sleep a lot better at night knowing that things are more secure than they were before.”

Silvestri has also noticed a significant improvement in employee productivity, reflected in the decrease in help desk tickets. Since transitioning to the co-managed model and implementing Blumira, he estimates a 60% reduction in support requests. This drop in help desk tickets and support emails has allowed staff to work more efficiently, boosting overall productivity with the enhanced technology in place.

GSSEM has also strengthened its security by rolling out extensive cybersecurity training for employees. This includes weekly micro-training sessions, quarterly vulnerability scans, and their first-ever penetration test. These efforts, along with deploying Blumira, have significantly improved the organization's security posture.