Maslon LLP is a law firm located in Minneapolis, which employs more than 160 attorneys and support staff. Maslon’s practice caters to corporate clients and individuals in the upper Midwest of the United States. The IT team at Maslon manages about 300 endpoints and 100 servers along with a range of cloud services to support its attorneys and staff.
Multiple factors drive Maslon’s information security focus. The firm must secure sensitive client data as well as its own confidential information. In fact, Maslon has ethical obligations driven by the American Bar Association (ABA) to ensure the security of client data. Additionally, many of Maslon’s enterprise clients require the firm to complete vendor risk management questionnaires as a prerequisite to doing business.
“Client security assessments became increasingly frequent, particularly from large banks and healthcare companies,” explained James Blomquist, CIO at Maslon. “We recognized that active monitoring was a requirement and we needed to ensure we had the tools and resources to find potential threats 24/7.”
Maslon typically adheres to client compliance regimes as part of the business relationship. As Blomquist said, “If the client is affected by HIPAA, we have to satisfy that client’s HIPAA requirements. We are frequently in possession of their customers’ data, and we need to ensure we are implementing the necessary precautions to secure that information.”
“Arctic Wolf delivered a top security solution that meets our client requirements and is more cost-effective than alternative approaches. It stood out from the pack with its Concierge Security™ team approach that acts as an extension of our IT team. Arctic Wolf has consistently delivered on its commitments and reinforced the mutual trust and confidence between its team and Maslon.”
James Blomquist, Chief Information Officer, Maslon LLP
Making the Case: Finding the Right Approach to Cybersecurity Detection and Response
Keeping the status quo was not an option given the client concerns and potential business impact of not adequately monitoring the firm’s environment. To help optimize its security posture and assuage client risk management concerns, Maslon evaluated different ways to systematically monitor its environment and analyze log files for security threats. It considered deploying a security information and event management (SIEM) system, but quickly concluded that the cost of staffing and managing a SIEM would be prohibitive.
Having ruled out an in-house SIEM solution, Maslon zeroed in on managed detection and response (MDR) as the optimal approach. Maslon evaluated a number of MDR solutions and decided that Arctic Wolf’s SOC-as-a-service was the best fit. According to Blomquist, “The business case made to our technology and budget committees was very straightforward. We had pressing security assessment questions around network monitoring and log analysis. The Arctic Wolf solution met all of our needs at a cost far below that of an in-house SIEM.”
The Verdict: Exceptional Results
Maslon deployed Arctic Wolf a year ago. The deployment process was smooth. As Blomquist explained, “We were up really quickly. Once we signed the agreement it was only a couple of weeks until we were fully utilizing the service.”
Today, Arctic Wolf ingests over 46 million observations per week from Maslon with only a handful of these resulting in security investigations. And the firm is transitioning to Microsoft Office 365 and intends to add Office 365 coverage to the resources that Arctic Wolf monitors. Maslon’s IT team has seen improved security all across its network, and also satisfies client requirements in a number of ways:
- Arctic Wolf's SOC-as-a-service console provides insights and reporting on both on-premises and SaaS applications used by Maslon
- “Out-of-the-box” reporting satisfies internal and external constituents
- Visibility into suspicious network traffic enables Maslon to avoid potential security pitfalls
Maslon’s cybersecurity policies and processes satisfies corporate clients and ensures its practice continues to thrive. Blomquist described Arctic Wolf’s value by saying, “Arctic Wolf provides two solutions in one: technology and people. It not only provides the technology to collect and aggregate the log information, but the service also includes the people with the necessary security expertise to evaluate that information. One key benefit we’ve found is that the Arctic Wolf Concierge Security™ team provides advisory services, so we can quickly respond to potential incidents.”
Arctic Wolf’s impact has resonated beyond the law firm’s cybersecurity requirements and helped become a driver of new business and enhanced productivity for Maslon. “Partnering with Arctic Wolf has enabled my existing IT team to stay focused on our core competencies - managing operations, supporting end users, and deploying innovative solutions so we can better serve our clients,” Blomquist said. “It also gives me peace of mind to know that we have an enterprise-class network monitoring tool and the Concierge Security team focused on helping us protect our clients’ data.”