The Organization: Vensure HR is a professional employer organization that provides human resources services for small and midmarket customers. Consistently delivering the full suite of payroll administration, risk management, and employee development services demands scalable security solutions with advanced detection and response capabilities In July 2020, Vensure chose Lumifi as its managed detection and response provider, trusting our team to secure a constantly changing set of endpoints against internal and external threats. The company needed 24×7 detection and response services but could not feasibly build and staff its own security operations center for the purpose. Over time, Vensure upgraded its partnership with Lumifi, adding hundreds of new endpoints and signing up for advanced threat detection capabilities.
The Challenge: Human resources firms constantly onboard new users and must continuously monitor their performance to ensure customer satisfaction. They must also process a great deal of sensitive data, from employee histories to payroll information. To do this, HR providers like Vensure offer an implicit guarantee of their employees’ fundamental trustworthiness.
Delivering on that promise is not always easy. High throughput can strain security resources and lead to operational underperformance. Not only does Vensure have to protect against a wide range of external threats, but it must also be prepared to detect and mitigate internal threats as well.
A run-of-the-mill SIEM 1.0 solution would not do. Vensure needed a solution that would continuously validate the actions of authorized users – like new employees – and trigger alerts when it discovered suspicious activity. At the same time, Vensure’s enterprise growth strategy is heavily reliant on acquisitions. The company is purchasing companies and integrating their teams on a monthly basis. These new teams require a standardized security framework that is flexible enough to respond to their unique risk profiles.
To maintain its reputation as a trustworthy HR service provider, Vensure needs to monitor a constantly fluctuating user base and constantly expand coverage to new users and endpoints. As an in-house solution, this would essentially mean exposing the company to unmanageable costs that amplify as the organization grows.
Vensure needed a managed detection and response solution that could scale to meet its needs while driving down costs as the company grows.
The Solution: Vensure knew they needed to rely on Machine Learning and UEBA to gain real security visibility and after testing several SIEM platforms they decided to leverage Exabeam. Upon working with Exabeam, Vensure found Lumifi and immediately saw value in our MDR service.This enabled the company toleverage user entity and behavioral analytics (UEBA) to manage security processes more efficiently while providing analysts with machine learning-enabled insights on insider threats and malicious activity. By November 2020, Vensure had already grown beyond its original MDR deployment and needed to secure an additional 530 endpoints with Palo Alto Cortex XDR. This gave Vensure’s security team unlimited visibility into every aspect of endpoint user activities as the user count grew significantly. Lumifi’s Glass Box approach ensured the company could easily see every part of its security system in action. Vensure soon discovered that its security posture would be significantly improved with the addition of curated real-time threat intelligence. In April 2021, the company added Anomali Threat Stream to its security capabilities, providing security operations personnel with curated, in-depth threat intelligence fit to meet Vensure’s specific risk profile. Thanks to its acquisition-oriented growth strategy, Vensure expanded rapidly during this time. The company added an additional 620 users in June 2021. This rate of growth continued all the way through to the following year, prompting Vensure to renew its contract in July 2022 and upgrade its service yet again. Vensure’s MXDR Pro subscription consolidates extended detection and response capabilities with threat intelligence and UEBA insights in a single package.
The Results: Vensure leveraged the pandemic-era pivot towards remote work to significantly grow its business, and successfully continued that growth trajectory during the post-pandemic era. This growth would not have been possible without a scalable solution for detecting security threats and mitigating risks. Lumifi’s combination of flexible, highly qualified expertise and Glass Box visibility enabled Vensure to grow its user base without worrying about the cost of expanding its security infrastructure.
Through Lumifi, Vensure gained 24×7 monitoring and response capabilities with a heavy focus on log management and analysis. It never had to lock its data into any proprietary software or entrust vital security tasks to Mystery Box technology.
Vensure saves more than 70,000 information security employee hours per year, equating to millions of dollars in payroll expenses.
It can safely grow its core business securely in the knowledge that Lumifi’s security team is ready to monitor user activities, investigate incidents, and mitigate risks on its behalf.
Planning for enterprise growth can take time. It requires a considerable amount of research and relies on deep knowledge of the specific capabilities different technologies offer. At the same time, it is necessarily constrained by budget and involves considerable risk. If it turns out that today’s technology doesn’t meet tomorrow’s needs, it will have to be replaced.
These are problems that organizations of all sizes confront because growth is a goal that every organization shares. The solution, however, is almost always unique to the organization at hand. Information security leaders who rely on the experience and expertise of a reputable service provider like Lumifi can identify the right solutions for their growth story without having to risk that growth on trial-and-error.
Technology Description:
We’ve expanded our MDR capabilities with enhanced incident response and security services to better protect against evolving cyber threats.