Try before you buy: Road-testing Microsoft Sentinel for a local housing association
We built a proof-of-concept for Linc Cymru to test drive Microsoft Sentinel. As a result, Sentinel now forms a key part of their security and compliance strategy.
As a housing association and care provider, Linc Cymru handles a lot of sensitive personal data. They needed to ensure they had the visibility and response power to protect this information and prevent potential breaches.
Already making use of the Azure cloud, Linc Cymru approached Microsoft to source a named partner to build out a proof-of-concept (POC) environment to evaluate how Microsoft’s leading SIEM solution, Microsoft Sentinel, could help detect and respond to threats.
Ensuring greater threat protection with Microsoft Sentinel
Our Sentinel POC helped Linc Cymru:
The search for a SIEM and improved security
Linc Cymru was already using Azure Log Analytics and Logic Apps to automate server management (updating security patches using Logic Apps and triggering upgrades when Microsoft releases high-importance patches).
They quickly identified the need to use the Azure platform to provide security insights and oversight of their on-premises and public cloud networks.
Linc Cymru began looking at using a security information and event management (SIEM) platform to achieve this.
As their security logs were being stored in Azure, it made sense to explore Microsoft Sentinel as a potential solution. It also meant that the initial costs to do so were incredibly low.
Sentinel could work natively within the Azure platform using existing log storage to provide instant visibility of historical data.
Technology Manager, Linc Cymru
Having initially set up Sentinel in-house, Linc Cymru decided to go through Microsoft to build out a fully developed proof-of-concept environment to put the platform through its paces.
With specialist expertise in Microsoft’s security suite and Sentinel in particular, Microsoft recommended Kocho as the partner best placed to deliver the POC.
Proving Sentinel’s worth with a proof-of-concept
Within a day or two of the project starting, we had Sentinel configured and up and running.
Over the next two weeks, Sentinel ingested and learnt from Linc Cymru’s security logs. A weekly call with Kocho security expert, Paul Rouse, helped reduce any false positives and fine-tune Sentinel’s understanding of the Linc Cymru environment using its out-of-the-box workbooks.
In around a month, Sentinel was fully operational and producing accurate security event data for Linc Cymru to investigate further and visualise in various dashboards and reports.
Once the POC was completed, Linc Cymru used the established environment as a foundation to build upon. In the following months, more logs were incorporated into Sentinel from other, non-Microsoft, systems.
This has enabled Linc Cymru to monitor their security from a single location with greater insight into events using near real-time data.
Having this global view over their entire IT estate means that Linc Cymru can spot threats and false positives more easily than by piecing together event activity from isolated systems and dashboards.
We can quickly spot high alerts in all of our security systems and direct attention to the right place at the right time.
Technology Manager, Linc Cymru
A strong foundation for enhanced automation and response
Linc Cymru continues to build on the foundation laid by the Sentinel POC, incorporating more and more systems, practices, and processes to be monitored, particularly around the integration of Dynamics 365, which is a major element of their housing management services.
Sentinel is now key to ensuring that security and compliance are at the forefront of everything Linc Cymru does.
To ensure compliance improves alongside their security capabilities, we are supporting Linc Cymru with further POCs for Data Loss Prevention and Information Compliance.
A Microsoft FastTrack project is also underway to help Linc Cymru’s internal IT Compliance Officer fully understand the compliance features included within Microsoft 365 for more efficient management.
Once these initiatives are completed, Linc Cymru will look to consolidate various automated rules and responses into Sentinel for greater efficiency and accuracy.
Using more of Sentinel’s automation capabilities will mean an increase in costs, but for Linc Cymru, the benefits of being able to ensure an accurate response to threats far outweigh the additional cost.