Skip to content

Managed Security Services

Cityscape CS

Problem:

A construction company with 5 UK offices and remote construction sites, serving 157 end users, suffered a catastrophic outage caused by a power failure. This incident led to the need for a complete IT infrastructure rebuild and a lengthy data recovery process.  

Response:

In response to this critical situation, we took several actions to address the issue whilst at the same time enhancing their IT infrastructure. We migrated the on-premises Microsoft Exchange Server 2010 to Microsoft 365 while implementing essential security measures like MFA, anti-phishing, anti-malware, and anti-spam protection. Furthermore, we upgraded ten servers from Windows Server 2008 R2 to supported versions and migrated all computers from Windows 7 to Windows 10 Pro. Managed Sophos Intercept-X anti-malware, Qualys vulnerability management, and a new firewall setup with Sophos XGs in an active-passive arrangement were also put in place. Legacy storage units were replaced with mirrored Synology NAS units, and the internal network infrastructure received an upgrade with improved cabling, switches, and Wi-Fi for better performance and capacity. 

Outcome:                                

Through our support the organisation identified critical process and technology gaps between supply chains responsible for monitoring, alerting, responding, isolating, and blocking The outcome of these efforts was a more resilient IT infrastructure. The construction company now benefits from improved security, faster connectivity, and enhanced capacity. An 8-month project management effort oversaw the review, upgrade, and replacement of every element of the infrastructure. Furthermore, risks were mitigated, such as minimising downtime by prioritising key systems for restoration and addressing data loss concerns through decryption and re-tagging of files. They are now a long term client of Toro’s.  

Cyber Laptop

Problem:

A family office wanted a Managed Security Service provider to manage their security services and also deliver data migration. 

Response:

Over the time of working together Toro have delivered the following: 

  • Review of critical assets - assessment of what data, communications, devices and property the organisation are trying to protect, in order to appropriately scope and prioritise security measures  
  • Review of Office 365 environment 
  • Upgrade and deployment of password management system 
  • Appropriate use of VPN 
  • Migration of data to OneDrive and SharePoint from Drobox 
  • Users, groups, permissions, and access of data 
  • Data protection – review and assurance of processes 
  • Supply chain management – review and assurance of processes 
  • Centralised management of endpoint devices (laptops and possibly mobile phones if deemed appropriate) 
  • Review and assurance of home / business networks including Wi-Fi security 
  • Cybersecurity training and online e-learning  

Ongoing Managed Services 

  • Service desk provision 
  • Support workflow 
  • Implementation and integration of change management procedure 
  • Microsoft 365 management
  • BYOD device support
  • Corporate device management using JAMF Pro
  • Password management administration
  • Domain and DNS administration
  • Centrally managed VPN
  • Corporate anti-virus 

Outcome:                                

The outcome was a secure and resilient set up and ongoing support. 

Crisis Management image-1

Problem:

International investment services, wanted a partner that could provider managed services for key members of staff and also a partner that could provide virtual CISO and security services to a sister company based in a different country. 

Response:

Over the time of working together Toro have delivered the following: 

  • Email migration from on-premises Exchange 2010 to Microsoft 365. 
  • Configuration of Microsoft 365 in line with CIS Benchmarks for industry best practice security. 
  • File migration from on-premises server to SharePoint. 
  • Upgrade of desktops and laptops to Windows 10 Pro. 
  • Installation and use of Sophos Intercept X and Qualys.
  • FortiGate firewall updates and configuration.
  • Working with local suppliers for ‘smart hands on the ground’.
  • Penetration testing the office network. 

Our managed services include: 

  • Cloud administration of email and data 
  • Endpoint security, patch, and vulnerability management 
  • Provision of anti-virus 
  • End user support 
  • Proactive hardware and software upgrades 

Our vCISO services for the sister company include: 

  • Managing a local IT MSP and working with them to implement a security strategy of compliance with Cyber Essentials. 
  • Cloud system configuration hardening. 
  • Vulnerability management and penetration testing.
  • Drafting of IT policies and procedures and user how to guides.
  • Staff training.
  • Cyber risk assessment and analysis. 

Outcome:

The outcome was a secure and resilient set up delivered by one partner.