Case Study: Efficient monitoring of an municipal IT landscape

Security instead of flying blind: The IT team of a major city relies on IT monitoring as a preventive measure in its security strategy and brings the attack surface under control with regular vulnerability analyses.

Background

Den IT-Verantwortlichen einer hessischen Großstadt mit über 1000 Angestellten ging es wie vielen anderen Administratoren in Behörden und öffentlichen Einrichtungen. Sie erledigten ihre Arbeit gut und taten ihr Bestes, um alles sicher zu machen. Doch ob das ausreichend war, wussten sie nicht. Das lag unter anderem daran, dass die Sicht von außen fehlte und keine Informationen über die IT-Sicherheitsleistung von Dienstleistern, wie beispielsweise Webserver-Betreibende, vorlagen. Somit blieben viele Schwachstellen unerkannt und die IT-Sicherheitslage im Dunkeln. Um das zu ändern, sorgt das Admin-Team jetzt mit einem IT-Monitoring der externen IT-Infrastruktur für Transparenz – und kann umgehend erste Erfolge verzeichnen.

 

Solution

The first LocateRisk analysis report was a painful surprise. "Actually, we were sure," says the deputy IT manager. The result was already a pinprick, he says. But it was also the impetus to discover the reasons. The first step was to inform the hosting provider of the city's main domain about a security-critical finding. The latter was grateful and immediately optimized, which made the second analysis look much better. The situation was similar with the colleagues. Thanks to the reports, individual vulnerabilities, for example in the application area or with regard to dreaded shadow IT, could be specifically addressed and optimized.

Die stadtpolitischen Entscheidungsträger überzeugte vor allem die objektive Sicht auf die IT und die professionelle Aufbereitung der Daten. Um die Lage dauerhaft im Griff zu behalten, werden die Analysen nun regelmäßig als IT-Monitoring durchgeführt. Damit die Menge der identifizierten Schwachstellen das Team nicht überlasten, unterteilt die Leitung das Ergebnis in kleine Häppchen und verteilt die Aufgaben zur Optimierung an die entsprechenden Server-Betreuer.

IT monitoring results report: The interactive report provides IT managers with detailed information on critical findings as well as recommended actions for remediation. In addition, useful functions such as an integrated action plan, automatic change detection with e-mail notification and the difference function accelerate the optimization process.

Result

The IT risk assessments from an external perspective are adopted as a building block in the city's IT security concept. The IT team uses the results as a sporting challenge to get better and therefore more secure with every scan - even though everyone knows, of course, that there is no such thing as 100 percent security. In addition, the reports are used as evidence to third parties, such as cyber insurance companies. The interactive platform is considered particularly helpful in the daily process. "The user-friendly interface across all levels, from servers to vulnerabilities to recommended actions, speeds up the work and is a real added value."

Request your personal Live-Demo now

Identify and reduce your cyber risks through a comparable and understandable overview of your IT security. Let our experts advise you and find out how LocateRisk can help you solve your cyber risks.

I agree to the privacy policy gelesen


Learn more, book a demo, or just have a quick chat? Alex is happy to help!

Your personal consultantAlexander FeldmannConsulting

+49 (0) 6151 6290246

Get in touch now