Skip to main content
Skip to main content
Azure for Partners

About ITC Secure

For over 25 years, ITC Secure (ITC) has provided cyber threat advisory and managed security services to help organizations assess, manage, and mitigate risks while protecting key data assets and the reputation of their brand.

At the heart of ITC’s cyber services is a London based, 24-hour manned Security Operations Centre (SOC). From this center of excellence, ITC supports organizations of all sizes, across multiple verticals including: government, finance, retail and legal.

With a focus on cyber security, ITC helps its customers adhere to industry standards and comply with regulations such as ISO 27001, PCI-DSS, and the GDPR while basing services and operational procedures on frameworks like NIST and SANS and with the active input of organizations like the National Cyber Security Centre.

ITC logo colour RGB

Eliminating outdated security practices with SIEM

Over the last few decades, for ITC’s SOC to provide support, customers had to create a service principle account for the SOC or individual accounts for all SOC members. The SOC then had to setup alerts and queries on a per customer basis – a practice that wasn’t scalable, took up valuable time, and opened up potential security concerns.

In January 2020, ITC revolutionized their security practice with a managed security information and event management (SIEM) service based on Azure Lighthouse and Azure Sentinel. Microsoft recognized ITC as the first managed security service provider in Europe to take Azure Sentinel to market as a managed SIEM service.

Automated threat protection and streamlined customer onboarding

During the initial onboarding of a customer, the ITC team identifies where the customer log analytics workspace and Azure Sentinel platform is going to be located, including regions and resource groups, which provide the parameters needed to build and share ARM templates.

“The great thing about Azure Lighthouse is the ability to scale across multiple customers while only managing your own Active Directory, rather than our SOC managing multiple tenants with multiple accounts and passwords to manage,”
-- Matthew Ross, Professional Services Network and Infrastructure Lead, ITC Secure

Customers are managed through the Azure portal while all logs are ingested through Azure Sentinel. Log Analytics agents support Windows and Linux, and where there are no native connections available, ITC simply builds custom data connectors to extract the data and trigger against built-in analytics rules.

The Service Management team then utilizes cross-subscription workbooks to support customers directly. Rather than submitting a ticket to the SOC, waiting for the team to build out and run a report, then send the results out, the Service Manager accesses a workbook, changes the search parameters and runs queries against the entire customer base.

Azure Sentinel

Successful implementation of Azure Sentinel leads to promising customer reviews

“A move to Azure Sentinel aligns with our cloud strategy using Microsoft technologies. Early indications suggest the incident detection, alerting and reporting capabilities far exceed those of our current SIEM platform. To be able to implement Azure Sentinel with a trusted partner in ITC reduces risk and provides reassurance,”

 
-- Kieran Croucher, Enterprise Security Architect, DAC Beachcroft

“Despite the current climate, the speed at which our trusted partner, ITC Secure, deployed this far exceeded our expectations. Implementing Azure Sentinel and Azure Lighthouse not only supports our cloud digital transformation but also gives us greater confidence that we are enhancing our security operations with the best in class technology from Microsoft. We feel reassured that cyber risk is managed to the highest standards.”

 
-- Daragh McDermott, MD Channel Islands, JT Group Ltd

Improved customer onboarding with Azure Lighthouse

With Azure Lighthouse, delegations are setup during onboarding and provide Role Based Access Controls and just-in-time capabilities. The customer maintains complete control over their assets while allowing ITC Secure the exact permissions needed, only for as long as needed.

“We’ve been able to streamline and drastically shorten our onboarding capabilities. Our traditional SIEM deployment time used to take upwards of eight months for onboarding, but with Azure Sentinel, most customers are onboarded within a month, even in more complex log scenarios. For customers that are purely Microsoft-based, we can have them onboarded in a single afternoon.”
-- Iain Ashall, Head of SOC, ITC Secure

Leveraging Azure Lighthouse and Azure Sentinel has enabled ITC to enhance and develop their managed security services portfolio, automate threat protection, onboard at speed, and streamline operational efficiencies. Customers are provided greater transparency, visibility, and assurance that the cyber threats of tomorrow are prioritized today.

Azure LH screenshot

Organization size

100+

Country

England