One of the largest payroll providers in the world was struggling with how to ensure a financially sound, zero-trust-enabled internal operating model when vendor sprawl seemed to be taking over. We performed a complete feature comparison of the various vendor offerings and subscription models available, built a TCO model to ensure that the organization understood the costs and benefits of the changes being recommended, and then made a recommendation on a path that aligned with their security and governance requirements.
During the course of an incident response, our engineers reverse engineered and decrypted a method of communication used by the threat actor to exfiltrate data. Accessing that overseas server enabled us to see hundreds of other customers that were actively compromised in real time, including healthcare, government, education, and financial services accounts. In collaboration with one of the largest cybersecurity firms and the FBI, we were also able to prove that this threat actor was not deleting data even after receiving ransom payments. The FBI worked with a foreign government and the server was seized. The trove of data led to a major takedown of an international cybercrime actor and to the publishing of significant findings that detailed major inner workings of that syndicate.
Managing the assets of 650,000 participants and 1,500 employers, this state investment board needed a trusted partner to be sure that they could operate securely. Leveraging our ZTSAs (Zero Trust Security Accelerators), which were awarded the 2021 Microsoft US Partner Award for Modern Work & Security, we implemented best-practice security controls, identity management, device security, data protection, and threat detection. The end result was automated protection, single-pane-of-glass visibility, and the sense of relief knowing that they could focus on financial returns for their participants instead of investing millions in cleaning up from a cyber incident.
For a major healthcare organization with a staff of over 50,000, it’s critical to have a security partner that understands your requirements. Being an expert resource on governance, compliance, information protection, and security is part of our comprehensive delivery model for our clients. Ensuring best practices on the Microsoft 365 stack, using Purview and Sentinel effectively, and making sure that the right data is accessible by the right people are critical to a functioning organization.
This small bank serves thousands of micro-businesses, sole proprietors, and small corporations, making them a likely target for financially opportunistic threat actors. Faced with issues sending emails internally with attachments, compounded by inconsistent policies, they could no longer rely on the technical support and advice from their previous MSP. We were brought in to cleanly transition them from older technologies into a more streamlined Microsoft-centric model, including Exchange Online Protection and Defender for Endpoint, while providing advisory and engineering on the technical and security requirements they need to provide safe and secure services.
With customers waking up to Defender deleting their shortcuts, the race to restore productivity began. Infused Innovations quickly took action to mitigate the effects of the problem by changing the problematic ASR rule to Audit-only and notifying them of the situation. We then created and pushed out a script to restore the most common applications used by our clients, focusing on trying to get them back up and running quickly. We were able to restore the majority of our clients’ shortcuts twelve hours before Microsoft released their first remediation script, giving our managed services customers a comprehensive solution that returned them to work more quickly. We then released the script publicly, freely available on GitHub, to benefit the wider technical community.