Ease of use, PCI DSS
Upward Sports needed a SIEM that went beyond log retention for PCI compliance. Microsoft Sentinel was too complex and time-consuming.
Blumira’s SIEM gave Upward Sports more value with ease of use, pre-built detections and playbooks, and personal support, all at a lower total cost of ownership than hiring a full-time security employee.
Founded in 1995 in Spartanburg, South Carolina, Upward Sports is a worldwide recreational nonprofit sports organization that has a strong foundation in the Christian faith. Upward Sports partners with churches in the U.S. and Canada to bring youth sports ministry to their local communities. Today, there are over 2,000 Upward sports experiences across the U.S. serving hundreds of thousands of young athletes playing basketball, soccer, cheerleading, volleyball, flag football, baseball and softball.
The organization provides software to help organize and run the leagues. Les L. Neely, systems administrator for Upward Sports, is part of a 7-person IT team that writes code and manages IT and security for the organization. His role focuses on maintaining infrastructure for the nonprofit as they have made the migration to the Microsoft Azure cloud.
With their migration to the cloud, Neely had concerns about securing everything in their environment and needed a system that could provide visibility.
“We’re small, but we have locations all across the U.S. – last year we had over 200,000 participants, so we’re reaching a lot of people,” Neely said.
He had used the on-premises version of ManageEngine Log360 in the past as their SIEM tool, as well as different products to monitor uptime, but he was looking for something that would provide additional security value.
“I was looking for a SIEM that would go a little bit further than just keeping our logs,” Neely said. “The problem with Microsoft Sentinel was that once you have it in place, you have to become an expert in that. I don’t have time to be an expert in running Sentinel, with everything else that I’m doing, including managing Cisco switches, firewalls, email – I can’t spend all my time on just one tool.”
Meeting PCI DSS compliance was another driver for the nonprofit, though not the sole reason to seek out a different solution.
“PCI compliance requires us to keep all of our logs for a year, but I wanted something beyond that; something that was looking at and alerting me when it’s reviewing our logs,” Neely said. “According to my dashboard, I have 64 million logs — one person can’t watch 64 million logs. I have to have something that’s looking at those and alerting me.”
Similar to other IT teams that are running lean and splitting up their time between many different tools, Neely needed a SIEM that reduced the amount of time required for deployment, maintenance, and additional infrastructure. Compared to Sentinel, Blumira checked all of those boxes for the nonprofit.
“I saw on Blumira’s website a few user testimonials that said it was easy, and they got up and running in no time — that’s what I was looking for. I didn’t want something that would take a lot of time or require a lot of different things to make it work. Sentinel was going to be a lot of that,” Neely said.
Blumira’s endpoint agent provides another source of information to enable the nonprofit to easily and continuously monitor the security of remote endpoints across Windows, Mac and Linux.
“Blumira Agent — again — that was easy to install. I’ve got ManageEngine Endpoint Central for patching, remote control machines, and the ability to push out installs to all of the machines spread out across the U.S.,” Neely said. “I liked how Blumira Agent just runs a script for a much easier install process. I was able to do that really quick, even on the Macs. I got that up and running pretty quick with the help of Dave once that came out.”
Another value-add for the organization was Blumira’s pre-built detection rules that are created, tuned and maintained by Blumira’s incident detection engineering team.
“Blumira has all of these rules they create, and that’s one of the things I really like. I got them set up automatically, and they alerted me. I shouldn’t be the one to have to figure everything out; I should be able to pay for something and it should help me out,” Neely said.
With every finding or alert that is sent to their team comes a playbook that walks them through what next steps to take, cutting down on response times and decision-making that often requires some security expertise.
“Our director is the decision-maker on our IT budget,” Neely said. “I showed him the findings and walkthrough questions, and he really loved that; it’s something that guides us through what we need to do in case something happens. I like that you can also request support from Blumira directly within a finding; all of that makes it really easy to use. I’m not a security guru, and having something that walks us through response is another definite big plus to the system.”
When it came to making the business case to his director, he cited costs and security maintenance as reasons to invest in Blumira.
“I told my director it’s like adding another employee, except much cheaper,” Neely said. “That was a major driver — that Blumira was going to be taking care of the solution.”
Responsive, helpful and local support is another reason Neely highlighted for switching from ManageEngine to Blumira.
“ManageEngine has thousands of people working for them, and the support was just not as personal,” Neely said. “With Blumira, I have Dave — if I need something, I can email Dave. We’ve got a lot of security things going on these days, and I would rather talk to someone in the same time zone if I need help.”