The mission
Add hands-on-keyboard remediation expertise and security coverage, 24/7
Schumacher Homes has dedicated more and more attention to security over the years. The current threat environment and the increasing prevalence of ransomware, though, drew concern from the IT organization and executive-level leadership at the business.
Schumacher Homes knew it needed hands-on-keyboard security expertise for cyber threat remediation across its endpoints as well as broader detection, investigation, and response coverage that operated around the clock.
Challenges
Schumacher Homes operates with a two-person IT & Security organization. Their Director of Information Technology, Will McCann, oversees not only security but also development, infrastructure, and telecommunications. His teammate, Mike Marstrell, manages all of Schumacher’s infrastructure in addition to the support team. They didn’t have the in-house resources needed to detect and remediate threats as fast as they wanted to.
“Before Red Canary, it was just us two. We needed more bodies and eyes on security as a whole,” said Will.
Solution
Schumacher Homes started with Red Canary in 2020. In 2021, they added Active Remediation, a service in which Red Canary security experts remotely remediate threats on managed endpoints, 24/7/365. With Active Remediation, they received the best of both hands-on-keyboard expertise and automated response.
Schumacher was impressed with Red Canary from the start. “There’s not a lot of fluff from Red Canary,” said Will. “They were very direct and said, here’s what we do, and we’re really good at it. We appreciated that.” After speaking with Red Canary’s Threat Hunting Team and detection engineers, Mike noted, “From their histories you know they’re top of the game security professionals. We knew we were in good hands.”
After deciding to partner with Red Canary, Schumacher immediately felt the presence of added security expertise. “When we brought on Red Canary, it felt like we actually had their security staff members sitting in cubicles at our office,” said Will. “ It feels like they are working directly next to you.”
Results
Schumacher Homes benefited from Active Remediation soon after signing up.
At 4am on a Saturday morning, Red Canary detected suspicious activity on one of Schumacher’s Microsoft Exchange Servers. Upon detection of that activity, Red Canary immediately isolated the relevant server and continued investigating Schumacher’s environment more broadly. Schumacher’s Threat Hunting Team at Red Canary got in touch with Will and Mike as soon as the necessary containment had been completed; they conveyed to them what the issue was, what actions Red Canary took, and how to improve Schumacher’s ability to prevent these incidents going forward.
“With the steps Red Canary took after detection, we felt safe almost immediately. We were back to normal that morning,” said Mike. Will noted, “They were following up with us all day and even proposed follow-up items to make us safer going forward. It was an awesome experience.”
From Reactive to Proactive
Will and Mike talk a lot about how much expertise and productivity Red Canary adds to their team. “You’re talking tons of man hours,” said Will. “Not even adding one or two people would even it out. It’s like adding a full security team of 5-10 people.”
With Red Canary covering them 24/7 and remediating threats on their managed endpoints, Schumacher Homes now devotes more time to educating its staff about security, passing along what it learns from Red Canary’s security experts.
“We now have time to focus on doing security training for our employees. We learn tips and insights from Red Canary and use them to train our employees on what to look for to prevent threats. Now that Red Canary’s doing the heavy lifting, we can spearhead our security training program.”