
At Siza, safety first with Managed eXtended Detection and Response

This article is automatically translated using Azure Cognitive Services, if you find mistakes, please get in touch

Working with client and company data in Microsoft Online services and SharePoint without really locking the back door can have unpleasant consequences. The Managed eXtended Detection and Response (MxDR) service offers a solution, according to Niels Fontein, CISO responsible for information security at healthcare organization Siza. Sector manager Layla Jongerius of Wortell emphasizes the need for the MxDR service: "It is crucial to secure the crown jewels of a healthcare organization."

Siza offers support and care to people with physical, mental or multiple disabilities and to people with a non-congenital brain injury or autism. Some 2,500 employees are ready to take care of more than 3,500 clients, at 150 locations in Gelderland and Central Brabant. Siza has taken many steps in the field of IT: where about ten years ago its own system administrators still managed the Citrix and application servers on location, the I&T department has grown into a management organization and Siza only purchases (SaaS) services. The last big step was the adoption of the online Microsoft 365 services, such as Exchange Online and SharePoint.

24/7 security service

"About a year and a half ago, we found out in a nasty way that we had to get started with our security: we had to deal with a hack, in which someone logged into a mailbox remotely and sent hundreds of spam emails," Niels begins. It was an unexpected scenario for Siza. "At such a moment, you can only do as much damage control as possible. We drew an important conclusion: we work from an ICT management model and no longer employ our own managers who can be ready 24/7 and keep a proactive eye on everything. We have to find a better solution." Niels had known Wortell for years and had read about their MxDR service before. Wortell turned out to be one of the five Microsoft Gold partners in this field. That was reason enough to start conversations about their Managed eXtended Detection and Response service. "We were looking for a 24/7 security service with management, detection and response. Even when we are not there: at night, on weekends and during holidays. We were interested in what Wortell offered. Reference interviews with other healthcare organizations confirmed the good feeling that Wortell gave us. It just made sense to enter into this collaboration."

Not playing a fear trump card

Nowadays, safety is explicitly on the management's agenda. "That does help to get decisions through. We had only purchased the most necessary Microsoft licenses up to this point, so it was a significant investment. Fortunately, as a healthcare institution, we have now been given a non-profit status with Microsoft, which means that the license prices are a lot lower. We have tackled several problems at once, but continue to work with the NEN 7510 standard as a stepping stone. We took the time for good preparation and consciously chose not to play a fear trump card. Our starting points were to reduce risks and ensure that continuity of care is guaranteed as much as possible; after all, that is our primary process." The management agreed; the implementation of the service started in September 2022 and it went live in December. "With regard to the security functionalities that Microsoft offers, there was very little in place. After the expansion of our licenses, Wortell has set up a security baseline, which serves as the basis for activating the MxDR service. Wortell is the expert and we are happy to get started with the improvement advice. They know exactly how it works and what it takes to ensure that we continue to improve the level of security."

Layla Jongerius, Sector Manager Wortell, endorses this: "Siza knows its own role well. Their specialization is in the best care for their clients. In doing so, they look for quality around their organization. A security operations center is expensive and complicated to build. Then it is better to look for a reliable partner who arranges this and directs it. It is commendable that Siza makes that choice. I am convinced that it is also good for the clients. Siza shows: we do the maximum we can to handle your data safely."

Balance between what must and what can be done

From a security point of view, settings sometimes have to be switched on that colleagues may not welcome. "An example is that you can no longer automatically forward e-mails to a private e-mail address yourself. This way we can reduce the risk of a data breach." These kinds of settings sometimes take some getting used to for colleagues. "We are still looking for the balance between what has to be done and what is possible. What suits our colleagues? Wortell advises us on what is needed to reduce risks, we weigh up whether the impact on our colleagues is realistic. In this way, we work together and ensure that the level of our information security is constantly improving." After all, security is a continuous process, Niels notes. "Setting up processes and achieving a major improvement was a project phase. From that point on, we keep taking steps forward every time. We want to make significant progress this year to improve the overall level of information security. With the purchase of Wortell's MxDR service, we have taken the first major step, mitigating significant risks."

Proactive partnership

Wortell is one of the five Gold partners in the field of security in healthcare. According to Niels, this is justified. "It is not a supplier-customer relationship. We think that is very important. Wortell works proactively, they point us to news in the market and invite us to participate in a webinar or workshop. They have experience in healthcare and can assess our situation well. Due to the good experiences, we have also started the next process for the security of our workplaces. Currently, our workspaces are not yet managed within a Microsoft solution. We have already started to house new workplaces within Microsoft Endpoint Manager. It is a very logical next step to better integrate our workplaces with the MxDR service."

Layla adds: "The relationship between client and contractor can be very businesslike. In this case, there has been openness about a certain vulnerability and we have helped convince the decision-makers. We do this as a partner, not just as a supplier."

Tips for other healthcare organizations

  • Get management on board and convince them of the importance of a safe environment.
  • Work from guidelines, and use them as a framework for trajectories and projects. No blanks, no ad hoc approach.
  • Use the metaphor: hang cameras around your house so you know what's happening, instead of hanging locks in places where they may be unnecessary.
  • Engage a party that can act immediately and look further. We asked Wortell to create a roadmap for continuous improvement.