Customer Story: United Way of Pierce County

United Way of Pierce County

United Way of Pierce County is a Health and Human Services nonprofit dedicated to improving lives and strengthening communities in Pierce County, Washington. With a primary goal of lifting 15,000 families out of poverty within 10 years, the organization focuses on collaborative partnerships and targeted initiatives to address critical issues such as poverty, education, and health.

The Challenge: Meeting FCRA Compliance With Limited Resources 

Dan McFarland, the Director of IT at United Way of Pierce County, leads a small team of two, overseeing security and server-side operations for the 35-person organization. McFarland began searching for a SIEM solution after United Way of Pierce County took on a program that required compliance with the Fair Credit Reporting Act (FCRA) due to partnerships with credit bureaus like Experian and TransUnion.

Previously, McFarland relied solely on Microsoft 365’s built-in security features. While it occasionally flagged common incidents, it lacked the proactive alerting and comprehensive visibility needed to effectively monitor all security activity, leaving critical gaps McFarland couldn’t see or address.

“We were just using the native M365 [security tools]. It alerted us if there was malware, but by no means did it alert us when an account was created with a password that doesn't expire,” McFarland said. “I didn't know what I didn't know. I didn't have the view into that stuff going on behind the scenes that I do now.”

McFarland was looking for a SIEM that would effectively address security needs without requiring excessive time and effort to manage.

“We've had tools that say they're great and going to solve all our problems, but then you end up spending all your time managing the tool instead of your regular job,” McFarland said.

Cutting Through the Complexity: Why Other SIEMs Didn’t Make the Cut 

McFarland researched several solutions, including Arctic Wolf, CrowdStrike, and Microsoft Sentinel, but found them too complex and time consuming.

“CrowdStrike, Sentinel, and Arctic Wolf were too big for me. I would have spent all my time managing those systems,” McFarland said.

He also found their pricing models overly complicated, with layered licensing requirements and additional fees for essential features like data retention.

“With CrowdStrike and Arctic Wolf, you need this piece and this piece, and then 10 of these licenses and 100 of these,” McFarland said. “Then if you want to pay for retention, it's this much, but if you want to retain it for longer than this time period, it's extra.”

McFarland also evaluated Huntress, though its SIEM capabilities were still in the early stages and not fully developed.

“Huntress was just getting into the SIEM scene and didn't have a fully developed SIEM. They only had a handful of detections at this point and were still building them out,” McFarland said. “It seemed like [Blumira] was the better choice to go with to meet the SIEM monitoring requirement.”

The Solution: A Manageable SIEM and XDR Built for Real-World Use

Ultimately, McFarland chose Blumira for its intuitive, easy-to-manage SIEM solution that worked right out of the box and required minimal oversight.

“[Blumira] worked right out of the box. It's doing what it's supposed to do, and I'm not spending hours every day managing it,” McFarland said. “Literally just a few minutes a week. Anytime there's an alert, I can hop in and see if it’s a big deal.”

Deployment was just as simple. McFarland used Microsoft Intune to install Blumira agent across all company devices, eliminating the need for in-person setup.

“I like the ease of pushing the agent out through Intune without having to tell all of my remote users ‘Hey, you’ve got to bring your laptops in.’ That was something that was nice” McFarland said.

McFarland also appreciated Blumira’s transparent and predictable pricing, which aligned well with the United Way's nonprofit budget. He knew exactly what United Way would be spending without worrying about surprise costs.

“It definitely was nice [Blumira] having upfront pricing. I knew what we were going to spend and didn't have to worry about some other module that you need to add on.”

With Blumira, McFarland now receives real-time alerts for suspicious activities, helping him stay on top of potential security risks.

“If something happened, if my co-worker’s account got hacked and they have admin privileges, [Blumira] would let me know right away,” McFarland.

He emphasized the added benefit of Blumira XDR’s automated host isolation.

“Plus, with the XDR, it can segment [the endpoint] right off on the network immediately. And you don't have to worry about those ones that happen at midnight on a Saturday night,” McFarland said. “If it’s midnight on a Saturday night, you can alert me all you want, but I’m not getting out of bed.”