Home / Case studies / Increased level of security for Ensinger
Case studies
Increased level of security for Ensinger
Skaylink Cyber Security Center provides 24/7 protection against attacks
The Ensinger Group is a family-owned company with 2,700 employees at 34 locations worldwide. The company is present in the most important industrial regions of the world. It develops, produces, and distributes compounds, semi-finished products, profiles, and finished parts made of technical plastics. To this end, Ensinger uses different manufacturing processes, such as extrusion or injection molding.
Target image for more security
“IT security is becoming increasingly essential for companies. When IT doesn’t work, the entire company comes to a standstill.”
Thomas Fischer, CIO of the Ensinger Group
In addition to security, the focal areas of the company’s IT department also include digitalization, internationalization, and stability. To ensure smooth operations, the IT department is increasingly replacing a wide variety of isolated solutions with the Microsoft 365 product suite. This gives Ensinger holistic and in-depth insight into its IT landscape. To obtain support during implementation, Ensinger looked for an IT service provider with comprehensive expertise in Microsoft solutions.
Ensinger had already worked successfully with the experts from Skaylink in the past as part of Microsoft’s free FastTrack program. Skaylink demonstrated impressive in-depth security expertise and best practices. As a Microsoft MISA partner, Skaylink held an MXDR workshop, which only a few companies worldwide are authorized to conduct, among other events. In order to further exploit the full set of features of Microsoft 365, Thomas Fischer decided to consult with Skaylink again.
The IT environment was analyzed at the beginning of the project. Based on the current situation, the experts from Ensinger and Skaylink jointly developed a target image from which they derived several subprojects. They included the introduction of a Security Operations Center (SOC) and the modernization of endpoint management and mail flow.
Security Operations Center for 24/7 security
Ensinger had already successfully implemented Microsoft Sentinel and many components of the Defender product family in collaboration with Skaylink. Ensinger’s security team was able to identify threats and respond accordingly when necessary. However, this only happened during normal working hours, and the team also received many non-critical notifications. Therefore, Ensinger was looking for a Security Operations Center (SOC) that could monitor, filter, and evaluate security reports 24/7. After conducting a market analysis, Ensinger decided on the Skaylink Cyber Security Center (CSC). Jens Dettinger, Team Leader for IT Security & Security Officer at Ensinger, explained: “We were extremely satisfied with our previous good relationship with Skaylink and the price-performance ratio of the CSC. The onboarding for the CSC was quick: After just four joint workshops on the desired security configurations, the ramp-up phase for the CSC began. During it, Skaylink’s security experts identified false alarms and customized analytical rules. The CSC analysis and alarm rules are continuously expanded: If the CSC team detects a threat for one customer, it optimizes the rules for all customers. This way everyone benefits.
“The CSC helps us out tremendously in our daily work. It only informs us about relevant incidents. We also receive assessments and tips from Skaylink experts on how to resolve the problem.”
Jens Dettinger, Team Leader for IT Security & Security Officer at Ensinger
Ensinger’s security team primarily takes care of the actual mitigation itself. Playbooks have been jointly developed for different scenarios, including compromise recovery. During emergencies, the Skaylink team is available to provide help and advice.
End users usually do not notice the increased security measures. The IT department will only contact them if they are affected by an incident.
Hybrid solution: co-management of Intune and SCCM
Another security area that Ensinger has optimized together with the experts from Skaylink is endpoint management. To meet Ensinger’s requirements, Skaylink recommended co-management of Intune and SCCM (System Center Configuration Manager). The company now has the ability to manage all endpoints using Intune. Most software is distributed via SCCM. Ensinger is able to bring together on-premises and cloud environments through the hybrid integration. Secure IT operations are ensured by Skaylink’s best practices and extensive documentation.
“We now use a state-of-the-art security platform for endpoint management with many options for technical analysis. We also have a comprehensive overview of our IT infrastructure and our end devices. As a result, we have increased our level of security enormously.”
Tobias Vögele, Head of Collaboration & Cloud Solutions at Ensinger
Secured mail flow
The Skaylink experts implemented another integration for the mail gateway. In conjunction with mail flow optimization, Defender for Office, and a third-party solution, the existing mail gateway was integrated into the adapted cloud environment in accordance with the customer’s requirements. End users now benefit from improved self-services, such as easier quarantining, blocking of senders, and maintenance of their own mailing lists. At the same time, they are better protected against spam, viruses, and malicious attachments.
Conclusion
“The security journey is never complete. But we plan to continue down this path in the future with the experts from Skaylink.”
Jens Dettinger, Team Leader for IT Security & Security Officer at Ensinger
Brief summary of the project
Company:
Ensinger Group
Challenges:
Replacing isolated solutions and keeping pace with current security threats
Solution:
Utilizing the Microsoft 365 product suite and transferring security monitoring to the Skaylink Cyber Security Center
Technologies:
Skaylink Cyber Security Center, Microsoft Defender products, Microsoft Sentinel, Exchange 2019