In the Cloud, on Devices, with a Service Provider… Company data is everywhere. Secure-24 protects it.
By Leslie Mertz
When the film studio Sony Pictures Entertainment was hacked in late 2014, releasing a mass of confidential personal and corporate information, business people all over the world took note. If a major company like Sony was vulnerable, any company was vulnerable. And that was scary.
“Until then, businesses typically viewed security as an afterthought or just as a checkbox for compliance,” says Brian Herr, chief security officer at Secure-24, a Michigan company that is a leading global provider of managed cloud services, IT operations and applications hosting. “What’s happened since Sony got hacked is that the industry has changed, and people have realized the impact a lack of security can have on personal lives and on businesses. Today, security has grown into a boardroom discussion because it is an enterprise risk.”
With a name like Secure-24, it’s no surprise that this company takes security very seriously. That includes security for itself and a wide range of clients, including those in healthcare, financial services, energy, communications, retail and the public sector. In 2015 alone, the company added nearly three dozen multinational clients with combined annual revenues exceeding $1 trillion.
One reason for that expansion is the heightened emphasis on protecting data, Herr says.
“It used to be that our customers came to us because they wanted to talk about our critical business application hosting or full IT outsourcing for cost efficiencies or because they wanted to focus on their core business and leave the IT to other professionals. Now, however, we’re seeing that security has become a huge driver in cloud or IT outsourcing engagements.”
IT outsourcing gives companies an opportunity to move their enterprise applications to platforms that have the right processes and controls with the proper layers of security technologies and initiatives, he says. To meet that need, Secure-24 delivers the highest standards and compliance to meet increasing security and data privacy requirements.
“If a company has an issue or a question, they can call anyone in our organization, including the CEO if needed, because we are an extension of their organization.”
– Brian Herr, Chief Security Officer, Secure-24
Customized security solutions
At the center of Secure-24’s approach is a close relationship with clients, Herr says.
“We understand that no two organizations are the same, so we spend a lot of time interfacing with our customers. We want to see what they’re seeing, and as security professionals, we have to look at risk across an entire company. We customize our services and security solutions to match what that customer needs so that we can ultimately protect the data.”
Most companies simply don’t have the internal resources to address their security compliance and regulatory needs, often because the pool of IT professionals is so limited, so they are relying more and more on IT outsourcing, Herr says.
“One of our primary goals is to help the company find safe, secure solutions, and to help the company understand risk, because that’s really what it comes down to. Everything we do has risk. Our job is to identify and mitigate risk, and also to help the organization understand where they accept risk. That’s a big change in approach.”
Another shift is that companies have become essentially borderless, Herr adds.
“It’s become more of a data ecosystem, because some of that data is sitting with service providers like Secure-24, some of that data is sitting in the cloud and some of it is sitting on mobile devices.”
Security professionals, therefore, have to understand where the data goes, including from the company to any of its partners, and how best to protect the data and report that it is protected.
“That’s why we embed ourselves in their processes, so that we can understand where they’re going, what their security and business initiatives are and how we can support them. And on the flip side of that, we extend a lot of transparency when it comes to our services and our systems, especially around our security,” Herr says. “There are no walls here. The key to security is cooperation and transparency. In fact, if a company has an issue or a question, they can call anyone in our organization, including the CEO if needed, because we are an extension of their organization.”
Staying ahead of the game
Because security measures are always advancing to stay ahead of potential breaches, Secure-24 also collaborates with trusted third-party partners, so it can offer the very latest and best protection, Herr says. Again, the company keeps the client in the loop by introducing all partners, including what the partners do and how they do it, and why Secure-24 recommends their services.
Security will continue to be a vital and integral part of diverse industries, Herr says.
“Since you’re not just defending one point or perimeter anymore, defense isn’t just a firewall. It is layers of security, services, technologies, policies and procedures that blanket the data wherever it lies,” he says.
In addition, security is no longer only about defense. It’s also about breach detection and mitigation, says Herr. Detection has become more challenging because hackers are better at camouflaging their actions, “so companies have to be better at distinguishing normal from abnormal.”
Companies don’t like to think about remediation, but it’s a must, he says.
“Something is going to happen eventually. Companies must plan for it. They must have the right partners, the right third parties and the right services in place; and must have their teams ready and practiced so that when something gets through the defenses, their organization knows what to do. The ability to respond correctly has a huge impact on how the public perceives a company.”
The future of security
According to Herr, the overall trend is for companies to continue outsourcing the increasingly complex and rapidly evolving security aspects of their businesses.
“A lot of companies — and this is regardless of size — are leaning more and more on their service providers and their trusted partners to help provide educated guidance when it comes to security, because there are just not enough security personnel to go around. That collaboration is becoming the key to the future of security.”
To stay at the top of its game, Secure-24 takes a unique approach, offering an academy for employee recruitment and growth.
“Professional development is key for Secure–24 recruiting and retaining employees,” says CEO Mike Jennings. Straight-out-of-college engineering recruits receive 18–24 months of on-the-job education focused on customer support.
“New engineers start in customer service, providing Level 1 support and answering calls from customers,” says Jennings.
The new hires progress from Level 1 through Level 3, allowing Secure-24 to identify and build talent, supplementing training by hiring exceptional senior engineers. Currently, the company has more than 520 employees (a number that has doubled since 2012), with more than 115 in different stages of the academy program.
“Our academy model is one of the best in the industry. We consistently develop outstanding engineers and provide exceptional opportunities for our associates to grow their careers at Secure-24,” Jennings says. “Our engineers are able to research the latest trends and work with the newest technology. In addition to the hands-on training, Secure-24 strongly supports external and industry-specific training and certification programs, encouraging employees to improve the breadth and depth of their technical expertise, while gaining invaluable industry experience.”
Successive double-digit growth for 14 years.
98 percent customer satisfaction ratings.
More than 200 global customers representing more than 20 global industries.
Named in 2016 as one of IDG Computerworld’s Best Places to Work in IT (fourth consecutive year).
Named to The Channel Company’s (CRN) 2016 Solution Provider 500 list for the third consecutive year.
Named by the National Association for Business Resources in 2015 as a Best and Brightest in Wellness winner.
Named by Crain’s Detroit Business in 2015 as a Top 50 Emerging Company.
CEO Mike Jennings named as a finalist in 2016 for the EY Entrepreneur of the Year for the Northwestern Ohio and Michigan Region; and as Entrepreneur of the Year finalist by Ernst & Young in 2015 and 2016.
Shawn Peralta named as CFO of the Year by Crain’s Detroit Business in 2015.