AZURE: STRENGTHENING THE LINK BETWEEN CYBERSECURITY AND PUBLIC SAFETY

Written By Noreen Tenorio

RapidDeploy helps first responders defend public safety with Azure Sentinel.

RapidDeploy creates its Cloud Aided Dispatch systems to help first responders act quickly to protect the public. There’s a lot at stake, and the company’s cloud-native platform must be secure against an array of serious cybersecurity threats. So, when RapidDeploy implemented a Security Information and Event Management (SIEM) system, it chose Microsoft Azure Sentinel, one of the world’s first cloud-native SIEMs. Now RapidDeploy uses the complete visibility, automated responses, fast deployment, and low total cost of ownership in Azure Sentinel to help it safeguard public safety systems.

We’re here to help first responders and stop terrorists, nation-state attackers, and others from threatening public safety—and we use Azure Sentinel to help us do it.

HELPING HEROES SAVE LIVES

Every day, first responders all over the world save countless lives, sometimes in extremely dangerous circumstances. They put their lives on the line to protect the public, but one of the reasons their heroic efforts are so effective is the support they get from innovative technologies created by companies like RapidDeploy.

RapidDeploy provides its Cloud Aided Dispatch solutions for public safety and first responder organizations to help them protect people from harm. “We build a platform that helps save lives,” says Alex Kreilein, Chief Information Security Officer at RapidDeploy. “It does that by reducing incident response times and improving first responder safety by increasing their situational awareness.”

As a cloud-native company, RapidDeploy offers affordable solutions that deploy quickly and easily for organizations of any size. In a competitive market, first responders’ trust in a platform is vital, so security and resiliency are crucial differentiators for RapidDeploy. The company knew it needed a Security Information and Event Management (SIEM) system to enhance its resilience against cyberattacks, so it turned to Microsoft Azure Sentinel, one of the world’s first cloud-native SIEM systems.

NOT JUST ANY SIEM

With public safety and customer trust at stake, RapidDeploy takes cybersecurity seriously. Its platform and its customers’ emergency dispatch systems are under constant threat from nation-state attackers, hacktivists, organized criminals, and terrorists. “Securing our systems from cyberattacks is critical for keeping people safe,” says Kreilein. “Azure Sentinel helps us do that in a way that fits with our cloud-native approach.”

In line with its philosophy of creating simple, affordable, and effective solutions, RapidDeploy had some unique requirements for its SIEM. It needed the ability to detect threats on-premises, in Azure and other clouds, and in Internet of Things (IoT) assets at customer sites. RapidDeploy also wanted sophisticated threat intelligence and analytics, robust security orchestration and automation, and above all, a SIEM that would be easy and cost-effective to deploy.

“With many SIEMs, deployment can take months,” says Kreilein. “Deploying Azure Sentinel took us minutes—with no additional infrastructure to set up, we just accessed the service in Azure and started collecting data.”

COMPLETE VISIBILITY AND INTELLIGENT AUTOMATION

RapidDeploy uses Azure Sentinel to collect security data from across its on-premises and cloud infrastructure and its third-party security tools. It then fuses that information with data from its IoT assets by using Azure Security Center for IoT. By combining Azure Sentinel and Azure Security Center for IoT, the company’s security team has a complete view of security information and alerts from all hardware and software that is running in its infrastructure.

RapidDeploy also uses Azure Sentinel security playbooks to take advantage of decades of Microsoft cybersecurity work to automate its response to identified threats. “Automating our response is essential to stay ahead of our attackers,” says Kreilein. “Azure Sentinel and security playbooks help us shift the center of gravity because we’re always moving at the speed of machines, even when our attackers have to move at the speed of human beings.”

RapidDeploy also uses Azure Monitor for security log analytics and for general infrastructure monitoring and optimization. “Because Azure Sentinel collects all the logs in Azure Monitor, including logs that aren’t security-related, we can see a much clearer picture of an event than we could with any other SIEM,” says Kreilein. “That gives us the ability to learn and stop attacks from happening again.”

ULTRA-FAST DEPLOYMENT AND BIG SAVINGS

In pre-production testing, RapidDeploy subjected Azure Sentinel to a barrage of sophisticated attacks, and not one made it through. Every attack triggered an automated response and was eliminated before it had any effect.

“Having these advanced automated security capabilities with Azure Sentinel is huge for us, but what’s just as important is the ease of deployment and low total cost of ownership that make it simple for a small company like ours to be successful,” says Kreilein. “With Azure Sentinel, our security experts don’t need to burn time, money, and effort on deployment, so they can focus on threat protection and we realize a significant cost savings right off the bat.”

Another key reason that RapidDeploy chose Azure Sentinel was to embed security right across the software development lifecycle. “Azure Sentinel helps our developers be better developers,” says Kreilein. “They use it to populate security content and data that is critical to their jobs into platforms they’re already using, like log analytics. You can’t do that with any other SIEM—it’s not possible.”

For a cloud-native company like RapidDeploy, one of the biggest benefits of Azure Sentinel is that it seamlessly interoperates with everything that’s connected to the organization’s Azure environment. “We can integrate it with everything, including our databases,” explains Kreilein. “If we have a ransomware attack, we’ll see it, Sentinel will trigger an automated response, and we can roll back to backups in Azure to a point in time before the ransomware was able to initiate its objective.”

A GRIM FUTURE FOR ATTACKERS

RapidDeploy uses Azure Sentinel to safeguard its internal resources, and as a Microsoft partner, it deploys Azure Sentinel to its government customers with Microsoft Azure Government. “We can literally click to deploy it,” says Kreilein. “Then we can support our customers with all of the same playbooks and techniques that we’ve built around Azure internally.”

Having complete visibility and robust automation in place with Azure Sentinel will help RapidDeploy focus on product development and customer success rather than running security operations or spending time configuring and maintaining an on-premises SIEM. “We’re here to help first responders and stop terrorists, nation-state attackers, and others from threatening public safety—and we use Azure Sentinel to help us do it,” says Kreilein.

To find out more about how to improve your security for your business, no matter the industry, contact us today.

Noreen Tenorio
Previous

STOP HACKERS IN THEIR TRACKS
Next

WE’RE HERE TO HELP MAKE SECURITY SIMPLE AGAIN