Behind the celebrations of a company’s rapid growth, there are often scattered operational teams trying to bring new acquisitions into the fold as smoothly as possible. But the complexity of absorbing different IT environments creates inefficient decentralization. The lean IT team at Frasers Group simplified processes, making maximum use of the interoperability of Microsoft 365 Defender and Microsoft Defender for Endpoint coupled with Microsoft Sentinel. It also improved user identity with Azure AD Identity Protection and is adopting data governance capabilities in Microsoft Purview. Frasers prides itself on pushing boundaries, and it now has the IT infrastructure to accommodate its ambitions.
“We trust Microsoft because it shares our aspirations of scalability, security, and future-readiness. That relationship is vital to our overall strategy.”
Matthew Wilmot, Group Head of Enterprise Security, Frasers Group
Growing fearlessly
Frasers Group evolved from an athletic wear store in 1982 to become the largest sporting goods retailer in the United Kingdom. The success of its innovative retail approach and its famous fearless ethos is reflected in its spectrum of brands and intellectual properties across the areas of sports, experiences, and premium lifestyle. The company’s bold aspirations extend to the world around it: protecting the environment, reducing waste, and constantly lowering its carbon footprint. It celebrates its people, honoring their diversity and talent.
Rethinking retail means continuing to add iconic brands and reinventing struggling but promising businesses. In a world where a new company’s systems must be brought into the Frasers fold within days, IT teams need a flexible, interoperable tool set. The company found what it needed with a Microsoft security information and event management (SIEM) and extended detection and response (XDR) solution. Its IT team uses Microsoft Sentinel for a single view into security threats and alerts and Microsoft 365 Defender to tailor protection for every aspect of its estate. Frasers also extends its security hygiene to include identity protection and data governance.
Overcoming growth challenges
At its current size—about 15,000 endpoints around the world, storing roughly 500 terabytes of data—Frasers presents an information security challenge. Its previous acquisition business model didn’t consider the data being ingested from newly acquired companies. And some security vendors that were inherited from those acquisitions couldn’t integrate with other technology in Fraser Group’s environment.
Recognizing the gap, the IT team responded with a centralized approach that features a tightly connected tool set. The team created a turnkey kit, deploying Microsoft Security solutions into all environments and sending logs to Microsoft Sentinel to increase threat monitoring. “We regarded Microsoft as our best bet to achieve our security goals,” says Matthew Wilmot, Group Head of Enterprise Security at Frasers Group, recalling his team’s rapid security remake, which began with a security operations center (SOC). His team needed a scalable solution that could be deployed easily and that would provide easy reporting. “Our team grew from one security engineer to 12 people. During an accelerated 18-month journey, we built a three-person SOC. With Tier 1 analyst support from Quorum Cyber, it delivers continuous coverage based on Microsoft security concepts.”
Uninterrupted coverage and flexible tooling is critical given the complexity that frequent acquisitions add. “When you purchase a company, key people have often departed and no one is applying a security lens to existing systems,” says Wilmot. “Nothing has been done. The lights might have been turned off on Friday, and on Monday, we need to integrate their systems with ours.” Adds Matthew Burrows, Security Operations Manager at Frasers Group, “Vendor consolidation is critical. If we didn’t replace their tooling with ours, we’d be committed to working with thousands of vendors.” And according to Burrows, the lightning pace of growth will likely add from 10,000 to 15,000 more people over the next two years. “We use Microsoft tooling to support our three-person SOC so that it can support 50,000 Frasers employees,” he says.
Simplifying security with a cohesive Microsoft tool set
As Wilmot and Burrows assessed the security of the Frasers estate prior to establishing their team, one word came up again and again. “We needed visibility into user behaviors, endpoints, and threats across the entire system,” recalls Burrows. Processes were relatively manual in the past, blocking the company’s real-time awareness of malicious behavior. It monitored endpoints with Carbon Black, but the need for a more comprehensive endpoint detection and response (EDR) system drove its search for a more comprehensive solution.
After evaluating solutions from CrowdStrike and SentinelOne, Frasers cemented its choice of Microsoft because of its comprehensive security and automation. It implemented Microsoft 365 Defender and Microsoft Defender for Endpoint. “When we replaced Carbon Black with Microsoft 365 Defender, we suddenly gained greater multistage visibility,” says Wilmot. “We need eyes everywhere, and now we can monitor across our hybrid environment.” Considering the contrast between the two solutions, he adds, “We got piecemeal data from Carbon Black, but no alerts. Time is of the essence with security events. We put the pieces together faster with Microsoft Defender for Endpoint, which means swifter answers to critical questions and more time to address complex events.”
The Frasers team unifies visibility over the entire estate under a single SIEM and XDR system. “The XDR capabilities Microsoft offers are second to none,” insists Burrows. “Microsoft Sentinel layers built-in SOC capabilities with playbooks functionality. The automation it provides is key to keeping our SOC team lean. Without it, we would need to triple our team.” Wilmot appreciates the reduced stress and fatigue the team would otherwise face. “Our team has single pane of glass visibility into our infrastructure now, and all of our alerts are collated in a one-page report,” he says. “Being able to view everything in one page is an incredible time-saver. Our team immediately sees what it has to do.”
Wilmot’s team protects the company’s collaboration assets such as emails with Microsoft Defender for Office 365, and it sends captured logs to Microsoft Sentinel for further threat detection. Next, it secures data across the estate and heightens compliance with data privacy laws like the General Data Protection Regulation (GDPR) with Microsoft Purview and Microsoft Purview Data Loss Prevention. “We’re labeling all new documentation and emails with Microsoft Purview,” explains Wilmot. “That improves compliance, and we’ll continue that trend with Microsoft Purview Data Loss Prevention.” His team uses granular capabilities in the solution to aid GDPR compliance. “We’re starting to build out what we do from a data labeling perspective,” he continues. “We now have labels on all new documentation and on emails for better data classification, which helps with compliance.”
The team extends overall information security with Azure AD Identity Protection to mitigate identity risks. That’s crucial in a hybrid environment that includes a personal device policy for 7,000 head office employees who generate the biggest slice of Frasers data and use the largest and most complex mix of applications. Combined with more than 20,000 in-store salespeople who use Microsoft Teams on personal devices, that translates to a sizeable identity management challenge. “No matter where our employees are, we can monitor sign-ins more proactively with multifactor authentication,” says Wilmot. “We’re looking forward to eventually using Windows Hello and getting rid of passwords altogether.”
Future-proofing a powerhouse
Wilmot and his team understood the challenges they faced in a fast-growing company that insists on doing everything well without an extensive spend on tools. Not only did they need to find a unified tool set that would prevent sprawl from thousands of vendors, but they needed a value-added option. Additionally, the company continues to branch out in new areas, with its own credit facility coming soon, which will require the same level of information security as banks. “It hasn’t been a difficult undertaking with our simplified Microsoft tooling, which is key to carrying out our future plans,” explains Wilmot. Both companies line up in several crucial ways. “We trust Microsoft because it shares our aspirations of scalability, security, and future-readiness,” he adds. “That relationship is vital to our overall strategy.”
Burrows expands on the value of trust as it ripples throughout the company’s broadening IT environment. “We’re building a digital society that will build our employees’ confidence that we’re safeguarding our data in the best possible way,” he says. “At the same time, we’re ensuring that our customers are comfortable shopping at our stores because our data is highly secure.”
Find out more about Frasers Group on Twitter, Facebook, and LinkedIn.
“We use Microsoft tooling to support our three-person SOC so that it can support 50,000 Frasers employees.… Vendor consolidation is critical. If we didn’t replace their tooling with ours, we’d be committed to working with thousands of vendors.”
Matthew Burrows, Security Operations Manager, Frasers Group
Follow Microsoft