Devoli Operations With Advantage
Wholesale internet services provider Devoli has chosen a Managed Detection and Response Service from SentinelOne delivered and supported by Advantage. The service contributes to a cybersecurity posture suitable for an organisation for which any interruption to business is considered unacceptable – and to date, it has enjoyed trouble-free operations thanks to the always-on monitoring of its networks and data assets.
In business for more than a decade, Devoli provides voice and data services underpinning retail Internet Service Providers on both sides of the Tasman. With a sharp focus on empowering its customers, Devoli’s services are driven by network automation tools that provide a lightning quick, easily digestible self-service interface. Devoli maintains its own International Data Network, contributing to comprehensive quality control across its services.
Situation
Director Ken Nicod says the premise for Devoli is that it doesn’t want to touch anything. “Our focus is on scaling without adding human resources; we want every customer to get exactly what they need in terms of enabling their ISP business, without having to speak to anyone, ever. Unless absolutely necessary, of course.”
By no means a misanthrope, Nicod explains the reason: “If something goes wrong, people can’t react fast enough. These days, the internet is expected to be ‘invisible’ and to merely work all the time. If a customer has to pick up the phone, it is already too late.”
This makes unimpeachable security a necessity. It also makes this a further aspect of the business Nicod wants automated. “For example, humans can’t react to Distributed Denial of Service attacks – something an ISP is prone to – but machines can both recognise and stop it more effectively,” he comments.
And it happens, too. “We’ve been exposed before via an interconnect with an Australian ISP. This exposed a shortcoming on our side where we realised we needed further protection on top of existing measures, with intrusion detection on top of our existing DDoS measures.”
Solution
Already working closely with Advantage (for which Devoli delivers ISP services), Nicod knew where to look. “We didn’t just consider the intrusion detection side of things, but went over our entire security setup to look for any other shortcomings or opportunities for improvement,” he relates. “Having previously worked with large companies, one thing was immediately apparent: Advantage is exceptionally responsive and available. I wasn’t expecting the quality or speed of the service we got, nor the direct access to engineering teams.”
Several solutions were recommended; Nicod says SentinelOne’s Managed Detection and Response (MDR) emerged as optimal. “Not only was it recommended by Advantage, but our team has experience with similar security systems. It was an obvious choice, with some of the other options presented being overkill in terms of cost and complexity in deployment and maintenance.”
Delivered via Advantage’s Security Operations Centre, SentinelOne MDR provides around the clock threat monitoring and response, with industry-leading a mean time to detection and mean time to recovery of just 18 minutes. This ‘threat hunting’ capability allows Devoli to focus on running its business, rather than worrying about the evolving threat environment.
Results
Nicod says ransomware is the most prevalent threat. “With SentinelOne, we can see these things coming in. As an ISP, we must protect all assets and customer data, so we have to lock everything down as far as possible, perform penetration tests, and watch what happens internally. The MDR service means any threat, internal or external, is being looked out for and addressed, all the time.”
In addition to effectiveness, an advantage of the service is that it doesn’t interfere with business-as-usual. “It hasn’t impacted us in any way, shape or form. Security is always more effective when it doesn’t change the way people work, or get in their way.”
The solution has done what it should, too, with a recent example emerging of a ‘defective desktop’ with a person within the company clicking something they shouldn’t have. “SentinelOne detected and shut it down immediately. It works well, and it works all the time.”
While effective tools and support from a proven partner provide assurance, Nicod however notes that the most important factor in securing any organisation remains targeting the human element. “Tools and technology help. But you still have to educate people and keep them up to date.”