TL;DR: Our partners from ITHQ recently implemented SentinelOne for Struto, allowing us the peace of mind to operate, knowing we have secured our systems and data.
Scott: Hi everyone, welcome to our case study call. This case study call is with Craig Wiltshire, the CEO and founder of Struto, here in West Sussex in the UK. Hi Craig.
Craig: Hi Scotty! How are you doing?
Scott: All good. For full disclosure, Craig and I have worked together for many, many years.
Craig: True that.
00:28 Scott: Practically family now. Craig, you had another security incident yourself personally, which I know was a very painful moment for you. Perhaps you could explain what happened?
00:46 Craig: So, you know, as with anything it takes some kind of catalyst to get you to move your butt in the right direction sometimes; and for me, I'm a pretty security-aware person. We've been in business before, we've run network security companies in the past, we've been involved in them. So it's not like I'm oblivious, and I kind of remember the day because I was busy doing something, noticed the popup and just clicked OK, and then I carried on doing what I was doing. But essentially I had probably given something access to my system, which was then rerouting information to its own servers and basically stealing stuff that I was doing, as simple as that. Fortunately, we noticed it straight away because it changed my DNS settings and a couple of other things, which meant that it highlighted the problem I was in and I was able to call the Scott helpline. And we were able to catch it, fortunately, in time. But it was a wake-up call for me, because like most Mac users out there, we tend to get a little bit blasé about securing our devices and going "wow, we don't get attacked as often as Windows. It's Windows' problem, not ours". And really, it is everybody's problem. I didn't think it would happen to me, but it did.
02:09 Scott: Absolutely, the rise of Mac malware and ransomware is probably in step with the rise of Mac as a desktop operating system. The more people that are using it, the bigger install base there is, the more obvious a target you become. Which everyone always said would happen, and thankfully Mac are still quite secure. The general architecture is quite secure, but as soon as you hit the OK, or give something permission or install something, you're at the mercy of those app developers. So what I suggested to you was what is actually an enterprise solution that we provide, which is SentinelOne. And SentinelOne is obviously endpoint protection, it's machine-learning based, but the reason I like it so much is that for seven years now, it's never let anything through. And even with recent attacks - Zerologon, Loki, all the ransomware-as-a-service attacks, Smaug, etc. - SentinelOne has defeated them all on day zero, if you'd like; it's quite an impressive platform. So one of the things we've highlighted that challenges SentinelOne is that you have to buy an enterprise style license; you have to pay annually in advance, you have to buy 100+ licenses as an initial purchase. So what we suggested for you, and what we managed to pull off was a managed service arrangement. Perhaps you can explain how that's worked better for you?
03:50 Craig: Firstly, thanks for highlighting that at the sort of enterprise quality, in terms of what we're getting from a technology perspective. And again, this is something that I thought was out of our reach, and probably beyond our budget in the normal world for a small business. But I think the service that you guys offer has obviously made that accessible to us. It's given me the peace of mind that we are getting that day-zero protection. I think I was lucky enough to sit in on a demo that one of the guys from SentinelOne did. I think he ran a webinar, or something like that, where they demonstrated a kind of simulated day-zero attack, and it's just an amazing thing to see. It sounds all flash when you hear the story, but when you actually see it happening, it's pretty cool. So from my side I was like "Wow, that actually works", number one. Number two, you probably know better than me, obviously no one has had any issue in terms of anything being installed on our systems since then, but I know that stuff has been caught by SentinelOne. So maybe you can give some more insight into some of those incidents. The beauty is that I don't care. I don't know about them, I don't care, it's been sorted.
05:01 Scott: To be honest, I would love to be able to give you some insight. I know that I've heard from my team that some things have been stopped on your network and some things have been caught. I don't know the nature of the exact incidents, but to be honest I'm at that position too. There is so much malware out there, 300,000+ pieces of malware are being developed every day. Whether that's a true number or not, it doesn't really matter, the point is that you can't keep track of the threats or the incidents now, they just continue.
05:35 Craig: And our job is not to keep track of it, we just know that it has been taken care of.
05:40 Scott: Absolutely, and it's interesting that I think you've only had it about two or three months maybe. But in that time, several incidents have been caught. And we had found some users doing some pretty bad things, not in a nefarious way, but they didn't even know that they were doing bad things. They had just been sent home because of lockdown, with the laptop, they thought they were doing the right things but they weren't. So suppose in closing, if we look at the sort of benefits that are realised; you have all of that centralized control; your users feel safer; you have visibility of what they're doing; you manage to save some time and money which is great. If I was to sum it up in one big benefit for you - it's peace of mind.
06:34 Craig: Absolutely. It's knowing that I don't have to worry about these things. It's being done, it's being sorted for me. Something has my back. I'm not going to have to answer the GDPR commission or something, because someone's data has been nicked from somewhere. There's a good chance that it's not going to happen.
06:55 Scott: And the truth is that all of these things are about not being the easiest target I suppose. It's that story of running away from the lion. You don't have to be the fastest guy, you just have to not be the slowest. And the truth is that attackers target the lower hanging fruit. They're looking for open doors, and the more doors you close, the more protected you are.
07:20 Craig: I think that the other lesson here from a small business perspective, is that these things are accessible. They don't cost the Earth, in terms of ongoing total cost of ownership and so forth, and even deployment. I'm sure you did us a favor there, but I think it's within reach of smaller businesses. Moving up, it's a requirement in larger businesses. As far as I'm concerned, it's not even a question. For me it's about making it accessible to everyone.
07:51 Scott: It's that point that I want to get across, that it is accessible to everyone. It is probably an unbudgeted expense. I think that's the problem that everyone has, is that they never put security down in their budget and that they don't talk about it at the board level. It really doesn't come up until there is a problem. It's the mindset shift that needs to happen. You don't buy car insurance after you've had an accident. Yet that seems to be the approach in cyber at the moment.
08:24 Craig: Agreed.
08:25 Scott: Well look, I think that pretty much wraps it up. So thank you so much for your time, I really appreciate it. We look forward to helping you continue providing a better customer experience for your internal and external customers. And be more secure.
08:42 Craig: Thank you very much Scotty.