See more projects
nda

The customer chose to protect their confidential information

Managed IT Support Services

About the client

Andersen's managed IT support services were ordered by a large, rapidly growing company with its own IT service. The customer was suffering losses from system downtime, employees' mistakes, and hacker attacks. Their tickets took a long time to be resolved. There was also a lack of processes and planning.

Location:Poland
[object Object] on the map

Project overview

This strategic and lasting partnership is focused on improving the customer's cyber security procedures and safeguards, establishing a streamlined and effective tech support framework, and helping them ensure compliance with modern quality and safety standards.

Duration42+ months
Technologies
Microsoft Active Directory
Azure Active Directory
Microsoft Intune
SSO
AWS Cloud

Other:

Linux Systems, Windows Systems, Microsoft SQL Server, PostgreSQL, Power BI , Cisco Systems, Juniper Networks, Docker, Kubernetes, IPA, Atlassian, Apache Kafka

Retrospective timeline / 2018

As of 2018, the year before we were contracted, the customer was facing the following situation.

Initial IT support issues

  • High volumes of incidents;
  • Data loss incidents;
  • Client churn;
  • Frequent system downtimes.

Loss: €160,000

Retrospective timeline / 2019

In 2019, the customer chose to initiate a managed IT support collaboration with Andersen. At that moment, the range of challenges they had to deal with was even broader than in 2018.

Issues

  • High volumes of incidents;

  • Data loss incidents;

  • Client churn;

  • Frequent system downtimes;

  • Overall performance degradation of the customer's business systems;

  • Absence of lifecycle management for accounts and secrets.

Loss: €98,000

What we did

  • Held a full infrastructure and process audit;

  • Established account lifecycle management;

  • Set up incident and event management;

  • Configured the monitoring system;

  • Configured the log collection system.

Value added

  • Crucial issues were prioritized;

  • An issue resolution roadmap was created;

  • A centralized system for managing users and their lifecycles was integrated;

  • Security measures for critical systems were enhanced;

  • Internal systems and servers were removed from the external segment of the Internet;

  • Load and system status monitoring was introduced.

Retrospective timeline / 2020

Issues

  • Absence of patch management and software lifecycle processes;

  • No asset management in place;

  • Emergence of shadow IT;

  • Network-related issues.

Loss: €78,000

What we did

  • Integrated an SIEM solution;

  • Built a DMZ and configured firewall systems;

  • Established patch management and update processes;

  • Configured and optimized a monitoring system solution;

  • Integrated a complete asset management solution.

Value added

  • The roadmap was adjusted to align with existing information security challenges;

  • Network and server transparency for both the customer and our team was enhanced;

  • The number of incidents was significantly reduced.

Retrospective timeline / 2021

Issues

  • Massive DDoS attacks on corporate resources;

  • A “heisenbug” in the infrastructure affecting productivity;

  • Credential brute-force attacks and data leaks;

  • VPN services did not cover business and information security tasks.

Loss: €13,700

What we did

  • Implemented a CDN;

  • Configured a web application firewall (WAF);

  • Tightened network policies and enhanced firewall rules;

  • Established a new VPN protocol with MFA integration;

  • Relocated the majority of systems to the internal network;

  • Optimized resource consumption.

Value added

  • Public resource security was enhanced;

  • Response speed of the company's website reached ~200ms per request;

  • SLA of 99.99% for public system operations was met;

  • Cloud infrastructure costs (specifically AWS) were optimized;

  • Company losses due to security lapses were reduced.

Retrospective timeline / 2022

Issues

  • Inconsistent authentication methods across systems;

  • Undefined or misaligned IT security and management policies;

  • Multiple sources for AAA (Authentication, Authorization, and Accounting);

  • Absence of security logs;

  • Data leakages.

Loss: €3,000

What we did

  • Implemented SSO for 90% of the systems;

  • Unified access logs across the infrastructure;

  • Enhanced IT security event management;

  • Integrated an SIEM solution;

  • Implemented the ETL process for critical data;

  • Introduced advanced encryption settings for data, backups, and storage;

  • Defined and implemented IT Security policies.

Value added

  • Oversight of employee access to information systems was enhanced;

  • Event auditing and access control to information were streamlined;

  • User experiences across systems were improved;

  • System performance was boosted;

  • Process and data classification protocols were established;

  • External ISO 27001 and SoC 2 audits were performed successfully.

Challenges

  • A significant number of recurring incidents;
  • Absence of clear incident management processes and transparency;
  • Swift expansion of the company and its IT service scope;
  • No preventive measures in place to avert incidents;
  • Unpredictability in the delivery of IT services;
  • Resulting client attrition, reputational damage, and financial losses.

Project results

During the 3.5 years we have provided managed IT support solutions to the customer, we have reduced their number of incidents from 1,100 to 10 per year. Andersen's team has built technical support processes in accordance with ITIL/ITSM, completely eliminated their legacy systems, and increased the system uptime to 99.97% (2h 30m downtime per year). Transparency and predictability in their IT landscape have been secured. Also, we have helped the customer pass external ISO 27001 and SoC2 audits.

Visual concept

Let's talk about your IT needs

What happens next?

An expert contacts you after having analyzed your requirements;

If needed, we sign an NDA to ensure the highest privacy level;

We submit a comprehensive project proposal with estimates, timelines, CVs, etc.

Customers who trust us

SamsungVerivoxTUI

Let's talk about your IT needs