A few months ago, the International Data Corporation (IDC) conducted a Technology Spotlight and a Customer Spotlight on our company. The two reports: Advanced Managed Security in a New Era: Simple Steps to Rapid Response Advanced Managed Security and Yellow Pages: Better Security, Great User Experience reaffirm our position as a high-quality provider of managed security services, one that follows a flexible and customer-centric approach. We provide a summary of the two reports below.
IDC Technology Spotlight on GoSecure
As highlighted in the IDC Technology Spotlight report, one of the most important security elements that companies struggle with is the human factor. No technology alone—such as software-based or hardware-based security solutions—can fully protect a company from a breach; there is no substitute for trained IT professionals.
While visiting our facilities, IDC representatives quickly noticed that our security solutions neutralize vulnerabilities by capitalizing on fully trained IT professionals, including SANS certified analysts and engineers. They also noticed that our managed security services combine “best-of-breed solutions, custom intellectual property, and highly trained analysts together to monitor, detect, and mitigate any attacks”.
IDC representatives evaluated our portfolio of managed security services, which they qualified as including “easily consumable offerings”. They analyzed and summarized 3 services we offer: Endpoint Security Lifecycle (ESL), Managed Security Operations (CORE) and Advanced Adversary Protection (AAP). A summary is presented in the figure above.
Moreover, they saw value in our alternative approach to marketing: being part of security communities. They qualified us as a “corporate citizen” emphasizing our R&D team that contributes to open source anti-malware software, vulnerability mitigation, as well as publishes peer-reviewed articles in collaboration with universities. The community events we host or sponsor, such as HASK, OWASP, GoSec, AtlSecCon, and NorthSec are also elements that reaffirm our position towards knowledge sharing and community development.
IDC representatives also highlighted our SOC 2.0 compliant business in addition to our PCI QSAs and ISO27001 lead implementers. Additionally, many GoSecure employees are CISSP, CISA, CISM, CSSLP or OSCP certified. We value employee development and training, and support them to become leaders in their fields.
Following their evaluation, IDC representatives concluded that we are well-placed to protect our customers, due to our size, knowledge, and strong focus towards advanced security services. They mentioned:
“We are impressed by its [GoSecure's] attention to customer satisfaction above the desire to rapidly scale its business. This customer-centric approach allows it [GoSecure] to continue to provide rapid detection and response when attacks occur.”
IDC Customer Spotlight on GoSecure
The CISO of Yellow Pages (YP), Eric Hebert, decided to outsource the security monitoring of the company's PC and servers in October 2016. The company tried a proof of concept for 4 months using the GoSecure’s AAP with Attack Stream Interrupter (ASI) for endpoint detection and response (EDR).
“AAP is conducted out of GoSecure's Active Response Center (ARC) in Dartmouth, Canada. This SOC2 Type II facility is manned 24 x 7 x 365 and supported by two tier 4 data centres that host the proprietary system that combines threat intelligence feeds, machine learning, and custom-built antimalware tools to support the ARC team in threat hunting and incident mitigation.”
During the case study, IDC representatives were told by YP that the value of our AAP services was quickly uncovered. As the report states, during the proof of concept, our IT team notified YP that an employee installed a suspicious software on a company's workstation. Our IT team wanted to confirm with YP if such installation was accepted by the company's security policy. The total time from detection to response took less than 20 minutes which is “a vast improvement over what YP had experienced in the past”.
Following this positive experience, YP mentioned that they added the ASI and EDR services to their security package. Combined, these services will disconnect or reset network connections that look suspicious and quarantines files when necessary. IDC representatives concluded that:
“With the full portfolio of AAP services enabled, YP had a partner in endpoint detection and response, but also real-time mitigation and threat hunting.”
On top of this, IDC representatives were told by YP that the EDR client was installed on endpoints without the need of user intervention.
The benefits of using our services are listed in the report and range from improved detection time to rapid incident mitigation, no data residency concerns and no impact on user experience.
We invite you to read these two IDC reports, Advanced Managed Security in a New Era: Simple Steps to Rapid Response Advanced Managed Security and Yellow Pages: Better Security, Great User Experience, which illustrate how, at GoSecure, we stand out in this highly competitive market by providing high-quality managed security services that are customer-centric, flexible, lightweight and based on top-notch technologies and personnel.