[Case Study] Cambridge Biotech
An early-stage biotech company in Cambridge, MA was planning for growth and preparing for a move to a new location. The transition allowed them to stop and think about their security posture and how it could be improved.
The IT Director on staff was managing too much: network configuration and maintenance, investigations, and handling of all issues and symptoms. He was left to solve and manage at every level.
When searching for a security partner, the goals were to not only take some of the weight off of the IT Director but also to:
- Proactively maintain network equipment
- Ensure proper security configuration of the network
- Actively monitor for signs of a security incident
- Put an incident response plan in place
Once the Technium team got a thorough understanding of their security posture and goals, we were able to guide them through obtaining the correct equipment for their next phase and future growth. We then collaborated to put a proven, systematic approach in place to manage security and improve it over time. Now, the Cambridge Biotech and Technium meet regularly to review reporting and discuss actionable items to keep security well maintained and relevant to how the biotech is operating.
Results of the Partnership
PROTECT
- Maintain all network equipment, actively monitor for vulnerabilities and perform patch/upgrade as required
- Configure firewall and all network hardware based on best practices
DETECT
- Monitor internal network, endpoints, AWS, and Office365 for abnormalities
- Set up rules and exceptions are set up to avoid false positives
RESPOND
- Alerts are managed and remediated
- Emergency access via cellular out-of-band device in case external network access is down
“Working with your team has given me the trust to step back and focus on other things knowing that you've got me covered. That's pretty hard to come by and super valuable. Greatly appreciated.”
Why Scientists Should Care About Security
Once ransomware is resident on a system, it can be a simple money collection exercise or a means to an end to capture intellectual property. Lost intellectual property may allow an organization in another country to leap forward and deliver your discoveries.
How secure is your data in the cloud?
Did you know that securing your data in cloud environments, such as AWS, Azure and Google, is your responsibility? These public cloud providers keep your data safe from anything outside of their environment but there is nothing protecting you from within their environment.
Identifying (in Order to Improve) Your Path to the Cloud
Do you know how you’re connecting to the cloud? Knowing this will help you find the most efficient and economical way to get you what you need.
How to Get Approval for Building Security into Your Company—Even if It’s Not in Scope
Budgeting for IT costs is often a big challenge because of the many factors businesses can’t control. Learn how to present proposals to get the budget to tackle IT issues before they happen.