McArthurGlen

McArthurGlen is a leading owner, developer, and manager of designer retail outlets across Europe and Canada. Considered a designer outlet retailing pioneer, McArthurGlen is shaping the concept of destination shopping by building beautifully crafted shopping environments. The architecture, design, dining experiences, and even the individual retailers at every McArthurGlen center are chosen to complement the location.

As a mid-market company with approximately 1,000 employees, McArthurGlen runs a “lean and mean” IT team that primarily is focused on managing the day-to-day operations of the business. Edward Merrett, Security Operations and Incident Response Manager at McArthurGlen, works closely with the company’s IT team and data privacy officers to ensure the company stays compliant with industry regulations and that IT security is a priority. “My team and I work to take the mystery out of cybersecurity and translate it into common sense. We create clear IT security guidance that helps keep our everyday operations more secure.”

Challenge

As McArthurGlen has grown and added more centers globally, their lean IT team found it increasingly difficult to manage changes in their security posture and risk across key assets enterprise wide. “We needed more understanding of what assets we have, what those assets do, and what services they provide,” said Merrett. “We also needed ‘eyes on the glass’ 24/7 to see and understand what was going on in our infrastructure so we could monitor and fix security issues more quickly and efficiently.”

Adding to their IT security considerations, McArthurGlen has a hybrid infrastructure with applications and services deployed in both on-premises and Microsoft Azure environments. With the adoption of the cloud, management of cloud applications, and cloudhosted servers and services, McArthurGlen faced a whole new set of threats. “As we move to the cloud, we have to ensure that we do not neglect the security of our legacy systems. We need visibility into all systems to ensure they are diligently monitored. As we push forward new technology, we must make sure that all our systems are patched, secured, using best practices, or safely decommissioned when no longer needed.”

As a business, McArthurGlen realized they needed help with IT security. They realized they did not have the tools or in-house staff they needed to face today’s advanced and targeted attacks. They required an outside solution to augment their existing operations. “Security operations centers are very expensive to run, especially if you do it effectively and 24/7,” said Merrett. “We know we have limited resources and we know we want to focus those resources on building our core business, not on building an in-house SOC. We knew that a managed IT security approach was the best option for our business.”

The Results

McArthurGlen chose Fortra’s Alert Logic Managed Detection and Response (MDR) to support their in-house security team and meet their growing IT security challenges. “We saw benefit in Alert Logic the first day we switched on the first appliance and started monitoring,” says Merrett. “Literally within 15 minutes, our Alert Logic SOC analyst called us to make us aware of some security threats and vulnerabilities that they detected right away.”

Merrett cited several ways Alert Logic helps McArthurGlen take a more strategic approach to IT security including:

• Continuously monitoring pinpoints malicious or abnormal activity and detect threats 24/7. Security issues are thoroughly investigated and communicated with remediation advice and level of priority, reducing the amount of time McArthurGlen spends on investigation and remediation.
• Hybrid, on-prem, and cloud security monitoring provide better visibility of their IT assets, security risks, and threats across their entire environment.
• Customizable security rules allow McArthurGlen to define security policies that align with their business operations and changing business needs. Deep security expertise combined with machine learning enables intelligent analysis of massive amounts of log data to help filter out false positives and detect threats.
• Compliance reporting helps McArthurGlen easily demonstrate they are meeting regulatory requirements.
• Vulnerability scanning helps identify assets that may be at risk. The Threat Risk Index helps track security posture over time.

Why Alert Logic?

McArthurGlen evaluated options from several security vendors, ultimately selecting Alert Logic to enhance the capabilities of their internal team with outside IT security expertise. “We wanted an option that would enable us to maintain some control of security internally, without having to invest in security tools or hire a team of security experts,” says Merrett. Alert Logic helps detect and analyze security threats 24/7 and gives the McArthurGlen team the advantage of security tools, intelligence, and security expertise at significantly less cost than doing it all in-house. “Working with Alert Logic gives us access to experts who deeply understand security, who are constantly honing their security knowledge, and who have access to vast amounts of security intelligence,” says Merrett. “Armed with this knowledge and advice, Alert Logic helps us make the correct decisions and protect our business.”

McArthurGlen also found Alert Logic easy to understand, purchase, and implement. For an affordable annual subscription, Alert Logic provides the outside expertise they need, including deep experience around Azure and monitors all of the McArthurGlen systems. “It’s all in a simple offering and platform,” said Merrett. “We have found the Alert Logic team extremely easy and helpful to work with.”

“I am passionate about IT security,” says Merrett. “What I’d like to tell other businesses like ours is — Alert Logic can help. If your company needs to be protected and wants to get protected quickly, but also needs to stay focused on their core business, Alert Logic is a great solution.”