Centralized comprehensive security for the entire IT

Security has to be complete to do the job. It has to work at every layer and every level; otherwise, it’s like an umbrella with a hole that is supposed to protect but you get wet anyway. For KI One S.A., a part of Kulczyk Investments S.A. Group, we have prepared a complete security solution that works and fulfills its primary function – to protect. 

KI One S.A. wished to strengthen its security effectively from endpoints, through network components to SaaS services. Prior to the implementation of our solutions, we had to face various challenges, like: 

• need to meet increased security standards requested from the business, 
• a lack of consolidation of logging data from systems, network devices, and endpoint devices,
• long time to diagnose security incidents due to inconsistent correlation of data from a different source, inefficient normalization, and reporting, 
• inconsistent access control to security information and a lack of segregation of duties,
• short security data retention period. 

BlueSoft’s engineers designed a complete system that addressed all of the customer’s concerns by providing a consistent view on the security state of the entire IT solution. The solution comprises:

• implementation of Azure Sentinel, Microsoft Defender Advanced Threat Protection and Azure Advanced Threat Protection to see and stop threats before they cause harm,
• centralization of log and audit data from various sources, including endpoints, network components, firewalls, Azure Active Directory, Active Directory, and M365,
• single pane of glass view on the entire security data due to efficient normalization and correlation process,
• machine learning–based alerts enabling taking proper actions more effectively and efficiently by minimizing the risk exposure time, 
• security incident management, priority handling, tracking, and reporting enabling the formation of the knowledge base for security improvements,
• integration with Microsoft Teams to efficiently alert the security team. 

The introduced platform significantly enhanced the security of KI One S.A. by minimizing risks and potential losses. Some of the key benefits are: 

• increased end-to-end protection from field workers’ devices through network services, servers, and SaaS solutions,
• Machine Learning based analysis that gives constant, valuable insights and improvement suggestions for better security on a daily basis, 
• alerts on security incidents delivered to the right personnel in a short time,
• better visibility of the company’s data security and support for business decisions,
• increased knowledge and awareness of end–users and security engineers regarding the security protection with Azure Sentinel.