The vision: Secure a world-class organization and prevent security fatigue.
This elite NBA team made a commitment to protect the organization from mounting cyberthreats — starting with a move to Microsoft Sentinel™.
The team had a legacy Security Information and Event Management (SIEM) system that it planned to replace when the contract expired. A seamless transition was critical. Adding to the pressure, the transition would need to be made with zero outages, as the move would occur during the NBA season. Speed of delivery and time to value were also key: what could have easily taken eight weeks to complete would need to be done in four.
Lining up the shot
The organization leaned on Insight as its central point of execution to deploy the latest SIEM technology through Microsoft. Cloud architects accelerated the Microsoft® Sentinel implementation for both cloud and on-premises protection of sensitive assets.
Insight performed a full investigation of the client’s existing setup, including customizations and alerts. Next, we closely replicated the environment in Microsoft Sentinel, reproducing the alerts and mirroring the functionality. Together with the client’s IT department, we ensured that all data feeds were rerouted to Microsoft Sentinel. This required implementation of a new data forwarder using Azure® Infrastructure as a Service (IaaS).
By leveraging existing technical investments and understanding what needed to stay consistent — a like-for-like environment with improved capabilities — Insight made the changeover as seamless and cost-effective as possible.
The outcome: An intelligent, optimized security environment saving millions in labor costs
Today, the organization has a state-of-the-art SIEM and modern security operations engine that’s setting a new standard across the NBA. In the new platform, all workloads can be secured through the dynamics of artificial intelligence at scale, automated incident response and investigative tool sets.
The IT organization is benefiting from a better understanding of its data and unusual activity with custom reports (i.e., workbooks) in Microsoft Sentinel. Security data generated anywhere in the IT environment is aggregated in one centralized location for optimal visibility and analysis. More and better-targeted alerts have been created to help identify abnormalities and accelerate incident response.
The time it takes to generate reports on security issues has been dramatically reduced from roughly 20 hours to 30 minutes, a 97% decrease. Due to fewer manual processes, the client has also realized a 90% improvement in efficiencies overall. In fact, the efficiency gains have enabled the transition of two full-time employees away from hardware monitoring to solely incident management. Thousands of hours are saved per year, driving cost savings into the millions in just a two-year span, and those savings will continue to accumulate.
Beyond the time and cost savings, the organization is benefiting from scalable cloud-based security that will adapt to an evolving threatscape for years to come.