Business snapshot
Elmbrook Schools, also known as the School District of Elmbrook, is a K-12 public school system located in Brookfield and Elm Grove, Wisconsin. Their network supports resource access for 7,800 students and 1,200 staff members.
The challenge
Elmbrook Schools experienced a system-wide cyber incident in the summer of 2022. For better protection, they began their search for a managed detection and response (MDR) partner. Operating within a tight budget, they were cautious about making the right choice, as they had to balance price with factors like reputation, ability to meet desired outcomes, technology solutions, access to expertise, and availability of security staff.
Elmbrook Schools also faced challenges due to limited staff expertise and lack of 24×7 security coverage. They sought a partner who could seamlessly integrate with their existing security solutions and software, including their Microsoft 365 suite, enhance their overall security posture using data-driven insights and expert analysis, and provide 24×7 monitoring. Additionally, they desired access to security experts who could guide their staff in responding to threats and proactively remediating vulnerabilities.
The Solution
Initially, Elmbrook Schools selected another MDR vendor due to their lower price point, even though Red Canary was their preferred choice.
However, after a month, Elmbrook Schools backed out of their contract with that MDR vendor, as they could not deliver on the promised integrations with their existing security tools. Despite some reservations stemming from their previous experience, Elmbrook Schools ultimately made the decision to partner with Red Canary. Red Canary checked every box on their must-haves list, including:
- Integrations with their Microsoft 365 security suite and Google Workspace
- Coverage for their on-premises, cloud, and identity environments
- Guidance on navigating and operationalizing their existing security tools
- 24×7 monitoring, detection, and response
- Ability to prioritize threats
- Deep security expertise
The outcome
“On the day of implementation, Red Canary triggered an alert in our environment. I was actually on the phone with the implementation team when they confirmed it as a genuine threat. It was truly remarkable, unexpected, and serendipitous, and most of all, it demonstrated the value of the product immediately.”
DAN SCOTT, DIRECTOR OF IT
ELMBROOK SCHOOLS
During the onboarding process, Red Canary quickly demonstrated their value. Just three days into the partnership, Elmbrook Schools received an alert from Microsoft Defender for Endpoint, which Red Canary confirmed as a threat. Initially dismissed as a false positive, the threat was recognized as legitimate after working with their Red Canary threat hunter, and they were able to take swift action. This incident boosted Elmbrook Schools’ confidence in Red Canary and their ability to detect and respond to threats, establishing Red Canary as an integral part of their security program from the outset.
Dan Scott, Elmbrook Schools’ Director of IT, remarked on several additional benefits:
24x7 peace of mind
“Our cyber incident happened on a Saturday at 2 a.m., a time when I don’t typically respond to phone calls or check emails. Red Canary alleviates that concern by offering round-the-clock coverage, every day of the week.”
Trusted detection and response
“The level of analysis and the quality of information we receive when a threat is detected empower us to respond effectively. I no longer wonder if there’s more to the story, because Red Canary provides the complete narrative.”
A true security ally
“Red Canary’s threat hunters advise our team on best practices, such as how to prioritize patches or tips on how we can better secure our endpoints. The Red Canary team has even helped us understand how to leverage our Microsoft tools and focus our investigative efforts.”
Take fast and consistent action
“We’ve included Red Canary automated playbooks in our response plan. Within that plan, we have specific actions customized to us. Red Canary has been instrumental in informing those responses, helping make our job easier and more efficient.”
In conclusion
“As we deploy new technologies and solutions, security is at the forefront, with Red Canary playing a key role as our security advisors. Red Canary’s team offers the necessary expertise to guide these critical discussions and drive us toward an improved security posture.”
DAN SCOTT, DIRECTOR OF IT
ELMBROOK SCHOOLS
The collaboration between Elmbrook Schools and Red Canary underscores the importance of choosing the right cybersecurity partner. By prioritizing compatibility, expertise, and comprehensive coverage, Elmbrook Schools not only found a solution to their security challenges, but also a proactive and vigilant ally.