X

Metorex, a mining company operating throughout Southern Africa, was previously using a manual, paper-based system for managing various risk areas including safety, environment, and community. The company recognized the need for a systematic way of protecting business resources and income against losses to achieve strategic and operational objectives. The company was committed to the principles of the King III report, which included the need to control and manage risk exposures through appropriate risk reduction and mitigation actions. However, achieving this control and management was a challenge with their existing system.

De Beers Group, a global diamond mining company, recognized the need for a software solution to support their 'Building Forever' strategy, which is built on protecting the natural world, partnering for thriving communities, standing with women and girls, and leading ethical practices across the industry. The company had been using IsoMetrix since the late 1990s, but in 2016, they initiated a global strategy to drive sustainability and shared value. They chose IsoMetrix as a software vendor to develop and implement a standardized system for managing Environmental, Health and Safety (EHS) incidents, risk management, and actions across all their business units. This complex project, named 'Project Unity', aimed to standardize reporting requirements across eight individual business units to allow for group reporting. The business units where IsoMetrix has been implemented are in Botswana, Canada, and South Africa.

The company was using a spreadsheet-based risk management system which presented challenges in terms of data accuracy and time consumption. They needed an out-of-the-box solution that would be compatible with their strategy and goals. The company wanted to implement a company-wide EHS solution and wanted to reap the benefits quickly. They requested a rapid launch with a reduced group of users, with a plan to scale up rapidly and sequentially, site by site. The decision-making process in the company was the responsibility of two key people who were well experienced in safety management, IT and using various other systems.

Impala Platinum Ltd, a leading producer of platinum group metals, was struggling with the management of its environmental, health and safety (EHS) data. The company's operations span across Southern Africa and internationally, generating a large amount of EHS data that needed to be captured and stored. The company's existing storage methods were inefficient, and the sheer volume of data made it difficult for the company's Safety & Environmental Manager at the Refineries division, Carina Burger, to extract useful EHS data when required. The company's policy required all incidents and audits to be loaded into the system, but extracting useful information, statistics, and relevant trends from the system was a cumbersome manual process.

Masana, a leading provider of petroleum solutions, was struggling with a manual and paper-based system for managing its Governance, Risk and Compliance universe. The company was facing issues with data loss, difficulty in collating data, and inability to track HSE incidents or actions related to the incidents. The data was scattered in many spreadsheets, and it was time-consuming to try collating data to build reports. The company needed a technology solution that could centralize their data, save time in creating detailed and accurate board reports, and allow their HSE team to conduct trend analysis and manage risks by exception.

EnviroServ, a leading waste management company, was in need of a software solution for safety, health, environment and quality (SHEQ) management. They required a system that could manage general SHEQ processes and streamline those unique to the waste industry. The company was growing and needed a solution that could scale with them. They also wanted to replace their manual, paper-based processes with an electronic SHEQ management system to reduce the time allocated to common tasks and record all incidents in real-time. During the software selection process, they faced the challenge of finding a solution that met all their specifications while remaining within the desired budget. During implementation, they faced the challenge of change management and implementing the system across many sites in a short time.

Wienerberger AG identified the need to provide relevant data to their customers more effectively within the software they use (BIM authoring software) and improve the customer journey across all touchpoints. The company's data stewards were faced with numerous challenges concerning the consistency and standardisation of product (systems, materials etc.) data across the whole group and its brands. In order to improve the quality of their data services, Wienerberger AG set an objective to standardise data internally, and decided to introduce an enterprise Product Information Management (PIM) system which would be the single source of data for all their clients. However, a traditional PIM did not fully meet their needs. They needed a solution that also could ‘translate’ data to the particular needs of users within different markets and across different software, without maintaining data duplicates and numerous local ‘silo’ databases.

Pipelife Norge, a subsidiary of Wienerberger AG, was one of the first to implement Wienerberger’s enterprise-level data model. The model is aimed at adopting a systematic and centralised approach to product data management at enterprise-level, as the digital readiness across the entire group varies significantly from brand to brand and company to company. Pipelife Norge also reported the increasing demand, especially in their home market, for relevant and accurate product data that can be used across the supply chain by various software and actors. One of the main challenges was that most of Pipelife’s product information was stored in siloed systems and file formats that hindered the flow of information. In addition, Pipelife’s web-catalog was maintained by the respective Product Managers responsible for the different product lines, which sometimes led to inconsistencies in the quality and richness of the product information.

NCC, a leading construction company, was facing challenges in implementing a paperless workflow related to the specification and selection of building elements used in internal processes and in the procurement process. The use of different words and definitions within the industry, as well as different data structure and language in systems, made it time-consuming to secure the quality of the data collected and exchanged. The difference in data models made it difficult to get different systems to process data in an efficient way.

Linde AG, a world-leading gases and engineering company, was facing the problem of an outdated environmental compliance system running on an old SAP release. The system complied only with the current SAP standard by about 50 percent, requiring tremendous manual effort for Linde to fulfil crucial legal requirements. The system was error-prone and no longer met business needs without significant manual effort. As a result, operation and maintenance were costly and inefficient. Linde AG needed a more efficient and standardized SAP EH&S platform. After more than a year of considering all the options, Linde selected IDS Scheer Consulting and 3E Company to take on the task.

Arapahoe House, a leading provider of substance use disorder treatment in Colorado, faced a challenge with managing and securing data on mobile devices used by its distributed workforce. A significant portion of the workforce used their own devices to access corporate mail from the organization's hybrid Office 365 / Exchange deployment. The IT team was uncertain about the number of BYO devices in use and how they were being used. They needed a solution to secure the data on these mobile devices. They evaluated several MDM solutions including Airwatch and MobileIron but found them unsatisfactory due to their difficult deployment processes and poor user experiences.

AMAG Pharmaceuticals, a company that develops and commercializes a therapeutic iron compound to treat iron deficiency anemia, decided to adopt G Suite as the all cloud backbone for the company. This decision was made to enhance productivity as G Suite offers a high performance productivity suite that is flexible and easy-to-use. However, combining BYOD and cloud meant that AMAG lost visibility and control of its data, risking security and compliance. Existing security solutions were not readily applicable to cloud apps and raised privacy concerns, since employees didn’t want IT monitoring their personal cloud apps or mobile devices.

Bay Cove Human Services, a healthcare provider network, was seeking a solution to ensure HIPAA compliance without altering the user experience. They were using Google's G Suite as their productivity backbone and needed a solution that would provide secure access to G Suite from any device. The challenge was to find a solution that would not require invasive agents or any configuration, and would allow users to simply log in to G Suite from any browser and be securely routed to the app.

Marisol International, a global supply chain services provider, faced a challenge in balancing the security requirements of global freight operations with the mobility needs of its employees. The company handles sensitive freight information for its customers, making security a top priority. However, its employees are globally dispersed and require access from a variety of BYOD (Bring Your Own Device) mobile devices. The company needed a solution that could be deployed quickly and easily, without taking undue control over personal mobile devices.

The firm was looking for a cloud security solution that could be quickly deployed in concert with this rollout. Given the high profile nature of its clientele, the complete assurance of data privacy is of highest importance to the organization. The firm wanted to maintain sole control of its data – it didn’t feel comfortable with cloud vendors having any visibility into customer information. The firm’s security architecture and risk teams set out to find a security solution that would help enable secure cloud application usage. For Salesforce specifically, they wanted an encryption solution that maintained integrity of data security while enabling full application functionality including search, reporting, and the firm’s Salesforce customizations and third party integrations.

The healthcare firm was looking to transition its 30,000 global employees to a SaaS productivity suite. The firm’s IT team had already deployed Office 365 for email only, but without proper security controls it refused to deploy file sharing and storage via OneDrive and Sharepoint. The firm’s existing security architecture included next-gen firewall appliances, along with secure web gateways from Bluecoat and Symantec DLP appliances. This network-level security architecture was inadequate for protecting data in the cloud and allowing for access on any device. The firm’s internal Office 365 productivity suite initiative was set to rollout rapidly throughout the company, its enterprise security architecture team decided to deploy a cloud access security broker solution to enable secure cloud usage. Of particular concern was protecting PHI, PII, and corporate intellectual property in data flowing out of the cloud. The native Office 365 security controls did not provide an adequate level of data protection, especially in the case of data access by unmanaged and untrusted devices.

The ad agency was looking to migrate from an on-premise solution to Office 365 to cut costs and increase employee productivity. However, some of the agency’s large clients, including Microsoft and Walmart, had concerns about the security of their creative assets. The agency needed to add another layer of security to their public cloud apps. They required solutions for single sign-on, mobile security, and access control. After evaluating several vendors, the agency determined that Bitglass was the only solution that met all their requirements.

The payment and debit-card processing leader standardized on Google's G Suite, but struggled to achieve PCI compliance for its auditors. With a mix of regular employees and contractors, managed and BYOD mobiles and laptops, as well as a geographically distributed work force proved challenging when it came to achieving PCI compliance. The compliance team wanted to restrict contractors to browser access and only on the corporate network, whilst allowing regular employees full access on managed devices and corporate networks, but restricted access on BYOD.

The global arms manufacturer, based in the United States, faced a significant challenge in securing BYOD access to corporate productivity applications. The company, which supplies products to thousands of military and law-enforcement organizations worldwide, had previously attempted a Mobile Device Management (MDM) deployment. However, the MDM solution proved unsuitable for a wide range of BYOD devices. The global distribution of the company's employees made supporting MDM on BYOD very expensive. Moreover, many employees rejected the idea of installing MDM agents that controlled their devices and potentially threatened their privacy. This unsuccessful deployment of MDM resulted in lost productivity for the firm. The IT security team commenced a search for an agentless SaaS solution for mobile security.

REA Group, a multinational digital advertising company specializing in real estate, was facing challenges in discovering and monitoring cloud usage in an open cloud environment and blocking high-risk sites and services. They needed to securely roll out sanctioned collaboration tools like Box to a global workforce. The company also aimed to deliver on security roadmaps while meeting the four pillars of REA Group’s technology strategy. As a cloud-first organization with 90% of its systems being SaaS based, the IT team at REA Group developed two parallel roadmaps for their technology and security teams that suited REA Group’s open technology culture and met the four pillars of its technology strategy: discovery, reporting, risk assessment and policy control.

Advantage IT Management, an IT services and support company based in Mobile, Alabama, was seeking a zero-trust, policy-driven security solution to better protect its customers and its own business. The company was particularly concerned about the recent high-profile ransomware attacks targeting MSP tools. The company's CEO, Matt Wilson, had been exploring zero trust solutions when clients started asking about it, making it the perfect time to implement such a solution. The company evaluated several products but found that none offered a complete solution like ThreatLocker.

Lake Forrest Preparatory School, a private school in Orlando, was facing challenges in protecting their technology, teachers, and students as they expanded the use of technology. They struggled to protect computers against malware and other forms of unauthorized software. While antivirus, web security, and e-mail security played an essential role in stopping threats from entering the school, these technologies fell short in stopping unknown malware and other problematic software from running. When students and teachers were using laptops outside of the school’s network, there was no control over what filtering and firewalls were in place. This increased the risk of unauthorized software or malware being downloaded, which could later run inside of the school’s network.

Tri-State Generation and Transmission Association, a utilities provider that supplies wholesale electric power to 44 electric cooperatives across Colorado, Nebraska, New Mexico, and Wyoming, faced a significant challenge in protecting its corporate and subscriber data from cyberattacks. The threat of a cyberattack shutting down the national electric grid is real, and utility companies are beefing up security measures to keep the lights on and the heat running for households and businesses. Tri-State's internal networks, which store both corporate information and subscriber data for 1.5 million customers, had to be protected. Multiple hosts, or master computers, are located throughout the wide area network and support 1,500-plus Tri-State employees. These hosts are critical to the utility’s business and way too valuable to take any risks with their security. However, Tri-State lacked visibility into the hosts’ activity and when potential threats did come up, there was no context to the type or degree of threat, and no prioritization.

The telecom provider’s network spans more than 10 geographies and multiple Amazon virtual private clouds (VPCs). Securing and monitoring such a diverse and expansive footprint is no easy task. As a result, the telecom provider is required to follow and operate under several different compliance policies. To support this mandate, the security team relies on their AWS-hosted ArcSight platform for big data security analytics, security information and event management (SIEM) and log management. Although the telecom company is running endpoint detection and response (EDR) on its managed clients, this still leaves a large security gap in visibility for IoT, unmanaged devices, BYOD, and other devices that cannot support EDR software agents.

Hydro Ottawa, the largest distributor in eastern Ontario, is responsible for delivering electricity to over 323,000 business and residential customers. With the surge in attacks on electrical grids and utility providers, the company needed to protect its corporate IT and critical infrastructure systems from cyberattacks. The challenge was to close the gap between infection and detection. The company needed to automate threat management that is simple to use and integrates easily with other security tools.

The company, a distributor in North America, was facing challenges in securing its geographically dispersed environment. Traditional security vendors were falling short when it came to stranger peripherals such as printers, scan guns, tablets, and guest devices. The company had a centralized data center and numerous physical locations across the country, making their network very distributed. Before deploying Vectra, the company was not monitoring network traffic, creating a significant gap in their security infrastructure.

The Private Research Institution was facing a wave of uncertainty due to the risk of a second ransomware attack. The manual workload was overwhelming and the institution needed a solution to automate Security Operations Center (SOC) inefficiencies and prevent future ransomware attacks. The institution was also dealing with constant change as network devices were constantly on the move with students and staff connecting in different locations and bringing multiple personal devices.

The global financial services company was in constant reactive mode due to their security operations center (SOC) being overwhelmed with homegrown solutions that required a lot of software patches. The SOC team was constantly putting out fires, rushing to investigate whenever they saw smoke. They were looking for a network detection and response (NDR) solution that would enable them to proactively detect and respond to hidden threats inside their network. They evaluated potential NDR solutions, including Darktrace and Vectra, hoping to find the right solution that would enable them to proactively detect and respond to hidden threats inside the network.

mLeasing, a leading leasing company in Poland and part of the mBank group, was looking for a modern solution that enabled the identification of online threats in real time. Traditional systems based on signatures or attack patterns only detect threats that are known to the system. The company wanted to find a system that would complement the security concept with a state-of-the-art solution based on behavioral analysis, supported by artificial intelligence and deep machine learning.

Greenhill, a renowned investment bank, was facing challenges in managing cyber risk. They were using SIEM tools but had difficulty in identifying which firewall logs were serious and which ones were not. The rise in credential abuse and account takeovers in SaaS platforms like Microsoft Office 365 was also a concern. Attackers were using social engineering to exploit human behavior, elevate account privileges, and steal critical business data. Greenhill needed more visibility into the network and an easier way to identify which threats were critical and which threats were not.