Flokser Success Story
Flokser prefers to monitor and manage its IT infrastructure with BBS Managed Security Services.
The project started with identifying the security risks in the Flokser IT infrastructure by the BBS Penetration Test team, which has the TSE A Type Penetration Test Company Certificate. The installation and configuration of McAfee EndPoint Security and DLP follow determining log resources to ensure a safe structure, transfer of logs to SIEM, writing of correlations, monitoring of SIEM by 7×24 BBS SOC team, extracting of false positives, and management of the system and improvements throughout the process.
Flokser IT and the BBS SOC team increased the security level of Flokser’s evolving structure far above the level at the beginning of the project against constantly changing internal and external security threats. With its Managed Security Services, BBS continues its efforts at full speed to further increase its security level.
Hakan Cem Topal, Flokser Digital Transformation Manager, shared his views on the importance of cyber security today and this successful project as follows:
In today’s world, information systems technology is being renewed and developed day by day. The use of this technology provides benefits and convenience in every field, on the other hand, it brings security problems that reach dangerous dimensions for individuals, institutions, and governments. Every day, millions of cyber events take place, and sometimes cyber-attacks that influence worldwide occur.
Information technology risk is not just a risk involving the information technology department. The risks that may arise concern all departments, therefore the entire business. Therefore, it is our first duty to create awareness by sharing the risk policies to be created within the organization. The approach we use to measure, manage, and balance these risks is called Information Technologies Risk Management.
Information Systems Risk Management is an action-taking process to identify, evaluate, and reduce risk to an acceptable level. The most obvious threat sources in businesses today are natural disasters, organizational deficiencies, technical errors, and planned cyber-attacks. Some of these threats are caused entirely by external factors.
As a result, you can take precautions against all risks with the best software and hardware and the best team. But conscious or unconscious mistakes made by the end-user can pose enormous risks for your systems. Today, 95% of information leakages are caused by end-users.
As a result of the cyber-attacks, there may be events that will cause serious harm to the institution as follows;
In addition, these events can happen every day, every hour, not only during office hours.
If you play the best center-forward in the world in the castle, he will probably fail and will concede a lot of goals. Or, in case that the world’s best ophthalmologist is expected to make a kidney transplant, the result may not be good for the patient. Information technologies are made up of many subdivisions, just like in football or a doctor. The system specialist cannot be expected to develop software or provide ERP consultancy from someone who provides end-user support. I think it is not a manageable process for all areas of expertise to keep the relevant people permanently within the enterprise. Just as the coach of a football team or the chief physician of the hospital is in the direct management layer without being in the operation, we CIOs who manage the information technology teams are in that position. Employing experts of every area in your team increases costs and prevents you from creating a manageable structure. That’s why we have to outsource today. Although outsourcing seems to be primarily costly, it costs businesses less at the end of the day and enables us to receive much better service by distributing risks.
Within this scope, it has been decided to provide SIEM/DLP service to Flokser by BBS teams against the dangers that may occur within the company.
Necessary institutions have been completed as of October 2019 in order to monitor Flokser systems by BBS Cyber Security Center. Since November, 24/7 monitoring has been started, and monitored violations are shared with Flokser Information Technologies Directorate in detailed reports.
The details of the service we receive are as follows.