Cyber security company uses Windows 11 security features to transform operations

ITC Secure is an advisory-led cyber security services company with over 100 employees and a 25+ year track record of delivering business-critical services to more than 300 blue-chip organizations globally. It has long been on the leading edge of security innovation and service delivery, using the latest Microsoft technologies to deliver tailored security solutions to highly regulated businesses. 

The company’s operations center is based in Canary Wharf in London. It was the first center in Europe to deliver Microsoft Sentinel as a security information and event management (SIEM) service and use Azure Lighthouse as an architecture model to connect to all its customers and monitor the security of their systems. Prior to the pandemic, these services were delivered and maintained on-premises. Analysts had to work in a highly secured area of the ITC office.

Although this setup worked well, it proved more challenging after the Covid-19 pandemic hit. ITC was inspired to explore Windows 11 so that it could provide a hybrid working alternative—and radically transform the company’s operating model.

It all starts with chip-to-cloud security.

As part of the Windows Insider Program, ITC had been testing a BETA version of Windows 11. It began with about five users, but quickly onboarded more than 90 percent of its users soon after. Upgrading to Windows 11 Enterprise, which is part of Microsoft 365 Enterprise, was a fast and simple process that Alan Armstrong, Senior Cloud Security and Identity Consultant estimates took about 20 minutes per device. “It felt like it was an in-place upgrade to the latest release,” he says. “In fact, we were going to a whole new operating system, but it definitely felt a lot smoother.”

Windows 11 Enterprise is built upon the core principle of Zero Trust, which essentially means never trust, always verify. In practical application, this means that managing and granting access is based on the continual verification of identities, devices, and services. To this end, Windows 11 Enterprise devices come with advanced security features built in and already enabled. The team was particularly excited about the chip-to-cloud security of Windows 11 Enterprise, part of Microsoft 365 Enterprise, which aligns hardware and software to keep devices, applications, identities, and cloud services protected. 

At the heart of this security is the Trusted Platform Model (TPM) 2.0, a hardware-level component that protects highly sensitive information by using an integrated cryptographic key. For a company like ITC, this component—required by Windows 11—transforms security compliance by safeguarding identity credentials and data. 

Windows 11 also includes expanded support for security settings, which can be enforced by Microsoft Endpoint Manager, a unified platform for deploying and managing devices. As a result, the IT team can enforce the same corporate security polices for remote users as it does on-premises. This leads to a whole new world of possibilities.

A new focus on secure hybrid working redefines how the company operates.

ITC has always followed international best practice when it comes to ensuring the safety and security of its customers’ data. As Matt Fernandes, Head of Cloud Security for ITC points out, “Windows 11 Enterprise has enabled the company to expand in a way that enforces high levels of security remotely wherever an employee is located.”

“Windows 11 Enterprise in unison with features from the Azure Cloud Security stack have been a real game changer,” he says. “Our distributed security analysts are empowered to connect and collaborate from anywhere.”

Coming on the heels of the pandemic, the ability to work from anywhere is a huge boon in and of itself. No longer constrained by geography, the company can draw on global talent, expand its footprint, and increase agility. 

There are many other features in Windows 11 that enable remote work, particularly around instant collaboration. For example, Armstrong and Fernandes are both big fans of the new layout. “We are 250 miles apart, so we spend a lot of time on Microsoft Teams, sharing screens and collaborating together on it. Being able to launch screens into Teams directly from the taskbar is really useful,” says Fernandes.

“We use these features when we’re doing demos with customers,” Armstrong quickly adds. “It’s quite handy to just navigate to the taskbar, find the window you want, and share it without looking like you’re fumbling.”

Even onboarding new employees and devices is simpler with Windows 11 Enterprise. 

Providing new employees with devices—whether on-premises or remotely— is simpler. Because Windows 11 devices are required to have TPM 2.0, the company knows that any new device picked up off the shelf will meet its security needs. Existing Windows 10 devices that meet the minimum hardware specifications can also be upgraded.

Next, setting up those devices is fast and simple; the entire process can also be conducted remotely using Windows Autopilot, a collection of technologies that is used to set up and pre-configure new devices. Windows 11 provides expanded support for security settings, enabling IT professionals to easily apply the same security policies to both on-premises and remote devices using Endpoint Manager. As a result, the IT team can easily apply the same security policies to both on-premises and remote devices.

“Previously, our internal team would have to build the machine from an image, install all the software, and make sure it worked, before the device was collected in person by the employee,” says Armstrong. “Now, thanks to Windows Autopilot, we can ship assigned hardware directly to the employee knowing that once they authenticate, the machine configures itself.”

The benefits are tangible; as Fernandes adds, “The device provisioning element of the onboarding process has decreased from hours to minutes and employees get the satisfaction of knowing they are the first to touch their new equipment.”  

ITC Secure is reimagining the world of work.

The new world demands hybrid working environments. For ITC, using Windows 11 Enterprise along with Windows Autopilot and Endpoint Manager has made this a reality. The ability to enforce security policies remotely has transformed how and where its security experts work. 

Today, ITC experts are currently operating in a hybrid working model. Enabled by Windows 11 Enterprise, the company is reaping additional benefits. For instance, ITC can draw on a larger pool of employee talent now able to work from anywhere, more easily right-size customer engagements, provide better and faster support—and over time, even grow its services portfolio. 

And that’s good for the bottom line.