A utility company strengthens its cyber security measures

Published ON
January 31, 2023
A public utility aimed to update its security infrastructure by replacing outdated manual processes with modern technology.
main image

The challenge

A  public utility aimed to update its security infrastructure by replacing outdated manual processes with modern technology. This would allow them to effectively prevent cyber threats, comply with regulations, and lower IT expenses. However, the company faced limitations as its application and infrastructure were hosted by a third-party provider in a shared data center, making it difficult to adapt to changing business requirements.

Our approach

The company utilized Cloudseed’s expertise in digital utilities to upgrade its security infrastructure with advanced tools and procedures to improve infrastructure visibility and daily reporting of all security activity. We implemented endpoint protection, advanced malware protection, next-generation firewalls and intrusion prevention tools to ensure a smooth transition and seamless integration before migrating.

We subsequently transferred our business applications to a data center managed by Cloudseed. A dashboard specifically designed for executives, which is fed by a comprehensive set of tools, offers insight into all potential threats, alerts, and actions within the environment, allowing for prompt blocking of any dangers. The ability to view data in real-time has significantly shortened the time needed to detect and prevent threats from two days to just four hours. Additionally, we introduced an auto-provisioning tool that is based on roles.

Simplifying security procedures, adhering to regulations, and minimizing the likelihood of auditing errors.

By implementing continuous measurement and automating manual tasks, the utility has saved time, minimized disruptions, and eliminated manual errors, ensuring compliance with regulatory standards.

We quickly put in place endpoint protection, advanced malware protection, next-generation firewalls, and intrusion prevention tools. Afterward, we moved business applications to a Cloudseed-hosted data center. We also integrated 21 remote offices into the data center, by having the necessary tools in place before migration, we ensured a smooth transition and integration.

The chief security officer of the utility company wanted to proactively tackle security threats. To do so, gaining insight into the environment was crucial. As a result, we developed a dashboard that displays real-time threats, alerts, and actions taken globally. By identifying threats in real-time and triggering alerts, the company can quickly block or contain potential dangers within its infrastructure. Currently, Cloudseed is able to identify and address threats within four hours, a significant improvement from the previous provider's response time of over two days. Real-time visibility also enables the company to detect new or previously unknown devices that may pose threats. A weekly summary report summarizes all activity and provides statistics that can be shared with management.

IAM and compliance efforts are supported by modern tools.

Cloudseed implemented advanced tools to enhance security, identity and access management (IAM), and governance, risk, and compliance (GRC) for the company. Previously, granting access to new employees was a labor-intensive process that resulted in delays and high costs. Our team recommended and implemented an automated, role-based access system that allows supervisors to quickly request access for new employees with just one click. This streamlined the process, reduced the time required to grant access from five days to less than one, and saved the company approximately $600,000 annually. Additionally, we integrated capabilities to ensure compliance with industry standards, such as NIST and CIS, while also meeting Sarbanes-Oxley regulations. By implementing automation and continuous measurement, we eliminated manual errors, saved time, and minimized auditor intrusion, ensuring the company's adherence to best practices and regulatory compliance.

Other Case Studies