Customer Story: Republic Electric Company

Written by Thu Pham | May 16, 2024 8:30:00 PM
Industry: HVAC & Electrical Distribution
Driver: Needed SIEM & XDR, PCI DSS
Company Size: 100

The Challenge

Republic Electric Company’s management team concluded that the company should consider enhancing its current security posture, and that it is better to increase cyber safety before an incident than after. Based on the results of an informal security assessment, Republic would add SIEM and XDR solutions. Managed SIEM and XDR services would also enhance PCI DSS compliance.

The Solution

Republic used Blumira’s Free SIEM for M365 cloud security for a year before upgrading to the SIEM + XDR solution for greater visibility and to strengthen their security posture. 

Republic Electric Company

Founded 108 years ago and family-owned, Republic Electric Company is a premier independent distributor of electrical and heating/cooling supplies and equipment. They are a leading wholesale distributor in the Midwest, providing a wide range of products including HVAC, electrical, energy management, heating, air conditioning, hydronics, refrigeration, and sign support systems.

The Challenge: Meeting PCI DSS Compliance & Seeking 24/7 Managed SOC

Director of IT Andy Barcus runs a team of two IT employees who make everything digital happen at Republic, including cybersecurity. While they had traditional antivirus software in place, the AV system produced so few alerts that it was unclear whether it and the complementary security products were working great or not working at all. No news isn’t always good news.

“Based on the IT security assessment, we wanted the next step on our secure journey to encompass endpoints, so started looking for two products – an EDR/XDR and a SIEM; two items on the list of measures suggested by the assessment,” Barcus said.

In addition to hardening their security posture, Republic needed to meet PCI DSS compliance requirements. The Payment Card Industry Data Security Standard (PCI DSS) is a set of compliance requirements that apply to any organization that processes or stores credit card information.

“We were looking for a solution within our budget, and something that was, at the very least, active all the time. I was looking for a solution with a 24/7 managed SOC behind it,” Barcus said.

The Solution: SIEM + XDR Reveals Suspicious Activity; Enables Investigation

Barcus found Blumira, signed up for the Free SIEM version to secure their Microsoft 365 application, and used Free SIEM for a year before upgrading to the paid XDR Platform edition. With Blumira’s SIEM + XDR and 24/7 Security Operations, Republic gained access to a wider range of integrations, including Blumira Agent for endpoints, which collected data from additional sources and broadened their view across their entire environment.

“Prior to Blumira, we had a lack of visibility. Blumira gives us information that I didn’t previously have, including reports of suspicious activities involving PowerShell, and many other things happening in our environment. I didn’t have any other tools that provided this kind of insight,” Barcus said.

Using Blumira, Republic’s IT team now has visibility into what’s going on in their Microsoft 365 cloud environment, and can report it back. Blumira’s XDR Platform provides dashboards and an easy-to-use search feature for faster investigation across all of their logs.

“Since Blumira is gathering all of our logs, if we do have any issues, we can go and diagnose what the extent of the incident is,” Barcus said. “In one instance, Blumira alerted me to something it called suspicious which was remedied by reconfiguring to put into place the principle of least privilege.”

Barcus used Blumira’s Detection Filters to create a custom filter that cut down on noisy alerts. While all Blumira users, including Free SIEM users, have access to Detection Rule Management to toggle detection rules on and off, paid users have access to create filters to stop alerting on known safe activity specific to their environments.

When it came to deployment, Barcus was able to integrate Blumira easily across their mix of Windows, Linux and Mac servers, as well as their Microsoft 365 and Entra ID applications.

“The rollout was fairly easy because we leveraged our remote management tool to push the client out to the majority of our Windows systems. We were at 90% deployment completion within two days,” Barcus said.

Using Blumira, Republic was able to gain greater visibility into their environment and identify ways they can improve their overall security posture.

“Overall, I have used what Blumira reports to increase our compliance with the principle of least privilege, am informed about relevant changes in Microsoft 365 / Entra ID, and we’ve met a couple of our IT security goals,” Barcus said. “Blumira has definitely helped me answer the question if we’ve been compromised or not. In the past, I had to say I didn’t think so – now I feel more confident in my answer of no.”