The company
As one of the largest independent French-speaking accounting firms in Canada, Marcil Lavallée provides a full line of audit, bookkeeping, tax, and consulting services for healthcare, education, not-for-profit organizations, small and medium-sized businesses, and more. With 100 employees and offices in Ottawa and Gatineau, the firm has continued to experience steady growth.
Information technology veteran Keith Chabot joined the firm 16 years ago as Marcil Lavallée’s IT Director, responsible for the security of the firm. Among everything else in his busy role, his small team is ultimately tasked with keeping Marcil Lavallée’s 100 onsite and remote users secure as well as ensuring proprietary information and sensitive client data remains private and safe.
If you ask Keith, he will tell you the firm’s success lies in its impeccable approach to customer service. And that is easy to see as Marcil Lavallée recently celebrated 35 years in business.
Keith has seen a lot of change and innovation, but a few things have remained constant. “Our focus on customer service and cybersecurity are key differentiators,” he explains. “We take a true interest in helping clients meet their challenges—beyond servicing their accounting needs—and cybersecurity is always central to our approach.”
The challenge
As a small IT team for a firm that manages, shares, and stores confidential financial data on a daily basis, Keith can’t afford cybersecurity surprises. He needs a continual view across his network.
Keith doesn’t have the resources for a security operations center to provide 24/7 monitoring, but still requires the same, strong capabilities and functionalities.
“The key challenge as a smaller business is finding ways to defend our network against new threat vectors and potential risks with limited resources,” says Keith. “My top concern isn’t what I can see today, but what I may be missing. When it comes to putting the best defense in place, I need complete visibility. I never want to worry about what I may not be seeing.”
Adding more challenge and risk, while the company’s workforce had always been nearly 50% remote, now nearly all employees were accessing the Marcil Lavallée network from home.
Keith needed to ensure his security tool stack was robust and easy to manage, but also provided full insight into daily system and user activity across his endpoints, network, and cloud infrastructure.
The solution
To solve for his monitoring needs, Keith initially considered a range of options, including security information and event management (SIEM) solutions.
As he explains, “I was concerned a SIEM would require a lot of my time to manage and would be costly, but at the time, I thought the log consolidation of events would help me see what’s happening in my network.”
Keith quickly changed his mind after seeing a demo of Field Effect MDR. After evaluating other solutions, he chose Field Effect MDR, which provides complete detection and monitoring from one platform for his endpoint devices, network, and cloud services.
While log-based SIEMs can be powerful monitoring tools, the process, data volume, configuration, and maintenance needed for effective detection and monitoring results can be expensive to run and maintain.
As Keith discovered, Field Effect MDR provides a more powerful, manageable, and cost-effective threat detection alternative. Field Effect MDR gathers data-rich security telemetry from a customer’s endpoints, network, and cloud services, and applies both machine learning as well as human-led analytics to identify active threats, risks, and vulnerabilities that may exist in the IT environment—an approach that also continually improves the security posture.
“I’m getting better features and functionality than a SIEM without the management and maintenance costs,” he adds. “Using Field Effect MDR, I gain a very easy to use, end-to-end solution for threat detection and response.”
According to Keith, Field Effect MDR not only provided full monitoring coverage but was also the best platform at consolidating security information. This saved time and provided very accurate detail. “Field Effect MDR’s uniqueness is really in its alerting and reporting capabilities. The depth of alerting and analytics are impressive. It’s able to tie in so many sources of security information across my entire IT environment and provide reports that are simple to understand and well explained,” he says.
Unlike other monitoring platforms, Field Effect MDR and its ARO process consolidate security events into simple and actionable reporting, providing three types of alerts: a required Action, a Recommendation, and an Observation. This results in focused alerting with reports that provide clear, practical information with specific remediation steps to protect the entire IT environment. Each ARO is checked by Field Effect’s cyber analysts and guides priority, response time, and activities needed to better protect networks.
“As a lean IT team, we don’t have the time to analyze and extract our own information from the multitude of threat alerts and vectors. Using Field Effect MDR and its AROs, the data is easy to digest and share, and that saves me time,” Keith adds. “I can share the reports directly with our executives to ensure they’re informed, but also demonstrate the value I’m bringing to our IT function.”
The results
For Keith, Field Effect MDR provides exactly what he was looking for. “Field Effect MDR solves for detection and monitoring in a completely different and more effective way than any of the tools I have used or evaluated,” he shares.
Prior to Field Effect MDR, Keith says the effort to efficiently gather this type of detail across his multiple data sources and take action was a long, arduous process. “The best outcome from the Field Effect MDR deployment is having all of the information readily available,” he says.
“I now have a bird’s eye view of all the systems, services, and user activity across my network. I can see when and from where employees are logging into our Office 365 services, and all other activity happening in our IT environment,” he explains. “Whether it’s my local infrastructure, a remote worker, or out in the cloud, I have complete peace of mind that Field Effect MDR is checking everything and will catch any potential risk or compromise attempts.”
Field Effect MDR has also helped him streamline his technology stack and reduce resource consumption. Prior to deploying Field Effect MDR, Keith was using an endpoint protection solution that was not only generating a volume of alerts that required time to investigate but also consumed a lot of his system resources.
After uninstalling it and deploying Field Effect MDR's endpoint agents, which only consume about 2% CPU, he was able to resolve some of the high CPU usage issues he had experienced with the previous solution.
“Field Effect MDR is so lightweight and powerful, it has become a core tool in my solutions stack,” Keith adds. Keith estimates that he is working more efficiently each week by reducing his threat alerting volume through focused monitoring. This has simplified the task of analyzing alerts, prioritizing remediation, and resolving any issues.