Aurex Constructors Case Study
Aurex Constructors safeguards systems and data with Microsoft 365 E5 and Defender for Endpoint – company can now prevent, detect, investigate, and respond to advanced threats.
Aurex Constructors is a key player in South Africa’s construction, turnaround, and maintenance industry, with more than 40 years of experience serving a blue-chip customer base in the oil and gas, mining and metallurgy, infrastructure, petrochemical, and clean power sectors.
Its two main service lines – construction and turnarounds, and maintenance – deliver structural, mechanical, electrical, instrumentation, piping, platework (SMEIPP), fabrication and management services for projects of all sizes and complexities. The company’s highly skilled workforce has a proven track record for delivering flexible, innovative project management solutions tailor-made to customer requirements.
The purchase drivers
At the start of 2021 Aurex Constructors split from a larger parent company and turned to Netsurit to migrate the business onto its own tenant with Microsoft 365 E3 licensing. The initial focus was on productivity solutions (email, Teams, and more) and basic security.
“The business was growing, and we had stabilized our core infrastructure in the initial period,” says Johan Claassen, IT Manager at Aurex Constructors. “We were ready to tighten up security and compliance in order to be more resilient against the growing number and range of cyber threats. What we wanted was a comprehensive security and compliance solution covering a broad range of risks and threats, with tight integration between all components, and effective single pane of glass visibility of the state of the environment.”
Claasen explains that the organization provides complex projects for major customers and deals with large amounts of confidential information. It is dependent on its IT systems to perform all core functions.
“If a security incident were to occur, we would face loss of productivity which would have a direct revenue impact and would also diminish the trust our customers have in the business,” he adds. “That’s why we needed to be able to demonstrate to our internal and external stakeholders that there were strong security controls in place to protect against likely risks.”
The company turned to Netsurit for the implementation of Microsoft 365 E5, which combines productivity apps with advanced security, compliance, voice, and analytical capabilities because of its demonstrated deep technical knowledge and insight into Microsoft security solutions.
The solution included:
- M365 E5 with Microsoft Defender for Endpoint, Office365, Identity and CloudApps
- Microsoft Sentinel SIEM collecting security events from M365 and other security relevant systems
- Custom automation and reporting
The Netsurit Security and Operations Centre (NSOC) provided all the necessary management capabilities and services that the Aurex Constructors needed, specifically its emphasis on proactive prevention, maintenance, and automation, which was aligned with the company’s approach to business.
“The NSOC provides a comprehensive managed security service ensuring that the Microsoft security stack was thoroughly implemented, with all available functionality enabled and integrated,” says Claasen. “The focus on the people and process aspects of the security solution ensures that the technical components of the solution are effectively managed and used. We like the focus on proactive maintenance to avoid risks, which is unlike the reactive approach of many security providers who instead focus on post-incident remediation.”
During the implementation, Netsurit used the Microsoft Commercial Incentives (MCI) programme to drive a series of Microsoft-sponsored workshops in which Aurex’s security state and requirements were evaluated and a solution planned and piloted. The workshops allowed the customer an opportunity to develop their thoughts on what they really needed from the security solution. The assessment, planning, and pilot implementation during the workshops ensured that the implementation was smooth, with minimal business impact and a rapid return on investment.
“Based on the outcome of these workshops, the plan for a phased implementation of Microsoft 365 E5 security workloads supported by a Microsoft Sentinel SIEM was executed,” says Dean Naidoo, Account Executive at Netsurit. “During the implementation training was provided to key Aurex employees to ensure that they were familiar with the technical capabilities of the solutions. The NSOC service was activated, customizing the Microsoft security solution to include automation and custom reporting.”
Aurex Contractors is now confident that it can detect and protect the business against most of the security threats it is likely to encounter. There is a constant improvement program that reviews the state of security on a monthly basis and then implements improvements. Any identified risks are proactively managed to mitigate or remove the risk. Issues are rapidly detected and remediated.
“The custom reports and dashboards give our management and other stakeholders clear visibility of the state of our security, which gives us confidence that we are as well protected as is possible,” says Claassen. “The visibility also shows that we are receiving a return on investment from the solution. There isn’t a direct financial ROI, but the reporting included in the solution shows what security risks and incidents have been handled. This allows us to get a feel for the potential business disasters we have avoided.”
Aurex would like to continue to use Netsurit to provide managed services based on the excellent service received. The company will continue to develop a roadmap for the long-term improvement of IT services and solutions which can be used to drive improvements in IT service delivery.
“Netsurit is our IT vendor of choice, and we would like to build a long-term relationship with the company,” Claassen says. “We consider Netsurit a strategic part of Aurex Constructors.”
– November 2021