How ConnectWise SIEM Helped Computer Solutions Strengthen Its Internal Security

Computer Solutions

As IT Operations Manager at Computer Solutions, Jason Hahn knew two things. Firstly, as a mid-sized computer company that included managed services in its offerings, a strong internal cybersecurity framework wasn’t optional. And secondly, as the head of a small IT team that already wore multiple hats, he didn’t have the time or knowledge to effectively build and monitor that framework. In fact, he could barely keep up with the thousands of report logs that flooded his team’s inboxes every day from their current tool.

Challenge

IT Operations Manager Jason Hahn knew his company, Computer Solutions, could be doing more to protect its clients—but lacked the resources and expertise to do it effectively.

Solution

Thanks to Hahn, Computer Solutions added ConnectWise SIEM and SOC Services for log-ingestion automation and 24-hour alert monitoring.

Results

ConnectWise SIEM helped Computer Solutions improve its internal security posture—giving leadership the confidence to reassure customers that the company had taken steps to secure its own systems.

“With MSPs becoming targets, basically, we were becoming an insider threat to a lot of our clients. Being able to leverage ConnectWise SIEM to help us with some of that and provide some guidance is a big benefit to us, because we know that we’ve got someone watching our back.”

– JASON HAHN, IT Operations Manager at Computer Solutions

“A lot of managed services providers (MSPs) are finding out the hard way that their own security is just as important as their customers’—if not more,” Hahn said. “But no one has the time to read through 9,000 emails a day.” Hahn also knew that a good security operations center (SOC) or security information and event management (SIEM) service could help automate Computer Solutions’ log-ingestion process by sorting through the noise and alerting the team only when items needed action. ConnectWise SIEM fit the bill, providing the Texas-based MSP with a set of dedicated eyes to monitor and analyze its logs—allowing Hahn’s team to stay focused on its core role.

Experiencing a Lightbulb Moment

While attending IT Nation Connect, Hahn had a lightbulb moment while listening to ConnectWise founder Arnie Bellini deliver a keynote address about internal security and the need for MSPs to ‘protect their house’ against cyberattacks. Determined not to become a headline case of an MSP at fault of a cyberattack, Hahn sought out viable vendors in the event’s Solutions Pavilion after the speech and was a ConnectWise SIEM customer before he left the building.

His other takeaway was to implement two-factor authentication (2FA) everywhere he could. This move proved timely: soon after, the company’s C-level executives returned from a different conference in a panic about their internal security—and Hahn was able to reassure them that he’d already taken initial measures to upgrade the network.

Still, he knew that 2FA was only one measure to protect the company’s own data and the data of its clients.

“With MSPs becoming targets, basically, we were becoming an insider threat to a lot of our clients,” Hahn said. “Being able to leverage ConnectWise SIEM to help us with some of that and provide some guidance is a big benefit to us, because we know that we’ve got someone watching our back.”

Just two years ago, Computer Solutions didn’t even mention its risk posture in its FAQs. But today, fueled by the recent rise in cyberattacks, the company is increasingly being asked not only how it can help protect a client’s data, but what it’s doing to secure its own.

In light of this new cyber landscape, Computer Solutions wanted to be a leader in assuring customers that it was taking every possible step to keep their data safe. The speech from ConnectWise’s founder had lit a fire under Hahn—and his proactive approach helped Computer Solutions get far ahead of the curve.

“I took Arnie’s speech to heart about securing your own house,” Hahn said. “When everyone else was in a panic and eight months behind, we were there.”

Hahn knew his decision to implement ConnectWise SIEM filled a critical gap, but felt justified when he received a weekend alert about an active threat: a Kali Linux box had been added to Computer Solutions’ network. Hahn was at a baseball game at the time, but he didn’t have to miss a single play, because he was able to work with the SOC to shut down the port the box was plugged into, neutralizing the threat until he could investigate on Monday.

He didn’t know it at the time, but this was actually part of a third-party penetration test—and the testing company was using the Linux box because it was having such a hard time getting into the network using other methods.

“That right there made it worth the money,” Hahn said. “Because I had no prior knowledge of that blind penetration test. And the fact that ConnectWise SIEM detected the traffic, alerted me, opened the ticket in ConnectWise PSA, and informed me what was going on was just outstanding.”

This gave Hahn and the company’s stakeholders confidence that they’d made the right decision. And as a result of its partnership with ConnectWise SIEM, Computer Solutions can now tell customers that it has a 24/7 watchdog on duty to help protect their data—giving them more confidence, too.

“You’re augmenting your staff, and you’re also augmenting their staff,” Hahn said.

This has proven a major competitive differentiator that helps Computer Solutions close deals. Case in point: one recent client had fallen victim to ransomware after its previous MSP was hacked. Unsurprisingly, when the client began looking for a new MSP, it approached its search armed with a host of questions about cybersecurity—and thanks to ConnectWise SIEM, Computer Solutions was able to provide the answers the company needed to hear.

“I think it speaks volumes that, when somebody was in that situation and doesn’t want to make the same mistake again, they trust you enough to come on board with you,” Hahn said.

Growing a True Partnership

Hahn chose ConnectWise SIEM over its larger competitors for its agility, low startup costs, and dedication to MSPs, including its leaders’ heavy participation in online forums and events.

“They live and breathe this community,” Hahn said. “They’re genuinely interested in helping MSPs, and you can see it by their actions. They answer questions out in the community from businesses that aren’t even their customers.”

Hahn appreciates that while ConnectWise SIEM is there to provide back-end support and infrastructure, he retains full control to customize alerts and easily alerts into his existing workflows in ConnectWise PSA®. He also has full access to his data—something other companies don’t often allow.

His advice to other MSPs in search of additional security? Don’t assume security—for yourself, or for your customers. And don’t be afraid to get help from a trusted third party.

“If I had not gone down this road a year ago,” Hahn said, “I’m sure we would’ve been an MSP that was hacked.”