I recently had the good fortune to spend some time with James (Jim) Mercer, the director of IT at Flexi-Van Leasing, to learn how his organization uses intrusion detection and log management services from Alert Logic. Together, we prepared a case study that’s now available on our website.
I wasn’t familiar with Flexi-Van before speaking with Jim, but now I see signs of the company almost every day. Flexi-Van is one of the largest full-service chassis lessors in North America. A chassis is a wheeled frame designed to move containers over land, between ocean-going vessels, railroad terminals and delivery points served by trucks. The company manages a fleet of more than 135,000 that they lease/finance and maintain and repair. Next time you’re passing a transport on the highway, check the mud flaps to see if it’s using a chassis from Flexi-Van.
While Flexi-Van’s business is leasing and managing chassis, like most companies today they run a big part of their business online. Their IT department is responsible for managing two datacenters on their New Jersey campus and also leverages the cloud to run applications that employees and partners use on a regular basis. And like all online operations, Flexi-Van’s attracts attackers. Jim shares some interesting (and painful) examples in the case study, including how attacks on their Microsoft Remote Desktop Protocol (RDP) were causing system reboots 3-4 times a month that would take 30-50 IT labor hours to fix each time.
Flexi-Van evaluated multiple security options but ultimately chose to work with Alert Logic. They appreciated our managed services approach to security—where we deliver security solutions that are backed by living, breathing security analysts who are in our Security Operations Center (SOC) 24×7, monitoring customer environments and notifying customers when incidents occur, helping them through remediation. For a company like Flexi-Van, one with a relatively small IT department, partnering with us allowed them to add the security resources needed for protection without affecting internal resources, all of whom needed to work on other projects.
You can read more about how Alert Logic analysts work with Flexi-Van in the case study. What I want to share here are some thoughts from Jim on what to look for in a security solution, in case you’re in need of a new solution or replacing what you have today. I thought he had an interesting and new approach, and hopefully it’s helpful for you. In addition to all the normal due diligence you do when looking for solutions, Jim suggests focusing on three things:
- Make sure the interface to any security product is useful and detailed enough to make it worthwhile. Ask yourself: “Can I use this solution to accomplish my goals?”
- Figure out what it’s going to be like to work with the company’s technical staff before you license anything. You don’t know how good or bad the staff will be until you pick up the phone and call. At some point, you will need these resources, so test them out before you buy.
- In security, log correlation capabilities are extremely important. If and when a breach occurs, your log files will contain the forensic data you need to understand what happened and fix the problem so it doesn’t happen again. Make sure whatever product you choose helps you make sense of the log data that it is collecting.
We appreciate Jim sharing Flexi-Van’s story with us and also his advice about what to look for in a security solution. If you have any thoughts or tips you’d like to share, please do so using the Comments box below.