Compre Group - Delivering Cloud Transformation with 24/7 managed service and security operations

Case Study – Migration to Microsoft Azure and Office 365 - fully secured by a 24/7 managed detect and response service and continuous security posture improvements

Compre Group is a European insurance & reinsurance legacy specialist with over 30 years’ experience in the acquisition and management of non-life legacy portfolios. The organisation operates from multiple locations including London, Malta, Helsinki, Hamburg, Zurich and the US. Currently most of the staff are based in London with smaller locations in Helsinki and Malta, with home workers in Zurich and the US.

Compre were about to initiate a Business Development Strategy in order to sustain the anticipated growth of the Business, increasing its headcount with Malta becoming the Group location and service centre. Therefore, the current mode of IT operations required streamlining to meet the evolving needs of the business. Project Advance, the programme of works to ensure the IT infrastructure met the current and future demands, was initiated to address the gaps identified.

Project Advance – Blueprint for an Intelligent Enterprise 

iSYSTEMS was initially engaged to conduct an in-depth discovery and assessment of Compre’s existing Infrastructure and technological estate. The current mode of operation (CMO) was documented, and risks and potential impediments impacting both current service and the successful realisation of the Business Development were identified. In addition, iSYSTEMS highlighted opportunities to increase efficiency and reduce cost within the IT Operations function.

iSYSTEMS proposed a new target mode of operation (TMO) to move all services into the Microsoft Azure Cloud, building a resilient, dynamic service underpinning the current business capabilities as well as future growth and business development. 

iSYSTEMS Azure transformation

Managed Service and Continuous Improvement

iSYSTEMS agreed a 3-year contract to support and manage Compre’s physical and virtual environment, including responding to staff service requests globally. As part of the managed service all servers are continuously patched on a monthly basis, including Intune updates and software releases completed each month.

All users were migrated to Office 365, with all devices from all sites joined to the Azure domain. This enables iSYSTEMS to centrally manage all AV/Patch management and software distribution across the estate using Intune and Autopilot.

This involves designing and implementing Intune and Autopilot and enrolling devices into Intune for MDM, with Intune compliance policies, configuration profiles, endpoint security and application policies created for Windows and Mac devices.

  • Fully automated via Autopilot, using Windows Hello and certificates enabling SSO to corporate Wi-Fi
  • Configured Windows update rings and hybrid setup enabling on-premises endpoints to be part of the Windows 10 Update rings, Group Policies and Security Policies
  • Application deployments configured for third party applications
  • Defender ATP deployment and configuration
  • Conditional Access Policies and Security Baselines

Under the continuous improvement programme, a requirement for a Security Operations and Event Management (SOC & SIEM) service was identified and implemented, and the managed service was extended.

Security Operations and Event Management

To improve the security footprint and minimise the threat of a cyber security incident, iSYSTEMS introduced a Managed Detect and Response (MDR) service with a full SOC wrap-around to respond to security alerts 24/7. Monitoring is carried out across all physical devices, networks, cloud infrastructure and services. The MDR service collates events from the entire estate; when a security event occurs, a ticket is raised or a phone call is made, depending on the seriousness of the situation. The SOC service also includes an extended threat intelligence tool that provides an early warning system through external attack surface management for Compre, dark web scanning and digital risk protection services.

Service overview:

  • Installation of a physical sensor in all sites with built in IDS (London, Malta, Helsinki, Connecticut, and Bermuda) to monitor all North to South Traffic.
  • Connectors into all security systems
  • Log retention for 1 year to adhere to compliance
  • Deployment of an agent to all servers and desktops for additional MDR logging information 
  • Monitoring of all DNS/AD logs
  • Additional Monitoring of VIP users and groups
  • Integration of the MDR to the Service desk to triage and respond to security alerts 24/7
  • Extended threat intelligence tool deployed with monitoring and alerting in real time for External Attack Surface Management, Cyber Threat Intelligence Platform and Digital Risk protection Service

Impact and Results

Following the completion of Project Advance by iSYSTEMS, Compre Group began to see significant improvements in performance, availability, and customer satisfaction.

The new TMO proposed by iSYSTEMS included moving away from the current managed service provider in its entirety, migrating all services to the Azure Cloud with iSYSTEMS providing a fully managed service. This involved the following:

  • Building out new or migrating all existing servers from on-prem into the Azure cloud
  • For data protection the servers are now backed up using Azure backup with Site Recovery used for DR purposes
  • Improved performance by expanding the RDS Farm with separate RD Web & Gateway, RD Broker Service
      o Having separate RD Web & Gateway servers enabled the secure environment to publish RemoteApps instead of full desktop access
  • All Compre Group devices from all sites were joined to the Azure domain enabling iSYSTEMS to centrally manage all AV/Patch management and software distribution across the estate using Intune
  • The elimination of security blind spots with full visibility across the entire estate
  • 24/7 monitoring and responding to alerts
  • Reduced security alerts from 40 a week to approx. 4-6 by improving security and suppressing false alerts
  • No need to access multiple administration portals to address security alerts, with all relevant security alerts being within the singular MDR portal
  • Improved Conditional Access policies based on security alerts, enhancing the Zero trust posture
  • Regular service reviews with the MDR concierge service to improve the security posture, with a ‘second set of eyes’ highlighting any gaps, and with AD, DNS and security assessments, amongst many others, built into the service
  • Auditing improvements – With log retention for 1 year and excellent data exploration capabilities
  • Easy to understand weekly reports – Covering Azure/O365 and Security incidents
  • The extended threat intelligence tool detected that a phishing domain had been created. Via the tool we were able to initiate a domain takedown, which resulted in the domain being brought down within just a few hours

By utilising the iSYSTEMS Managed Service, Compre Group receives a customised solution to fit its long-term needs: remote monitoring, maintenance, and management of IT infrastructure, supporting all critical business applications such as Email, Networking and Telecom, and remote and on-site user support from certified technicians.

With a team of consultants providing the depth and breadth of skills needed to support Compre Group, the iSYSTEMS Managed Services is a cost-effective rapid response solution. With iSYSTEMS handling the day-to-day management and maintenance of its IT and cyber security operations, Compre Group can focus on its core business functions.
