Legato Security

Managed security service provider strengthens its protection against cyberthreats by adding Cloudflare Area 1 to its defense infrastructure

Legato Security is a full-service Managed Security Service Provider (MSSP) with a team of highly trained employees providing advanced 24/7 threat detection and comprehensive incident response services. Organizations served range from small and mid-sized firms to the Fortune 100, spanning legal, political entities and campaigns, healthcare, technology, government, and finance.

Legato’s managed, customizable security services include continuous security monitoring, incident response, penetration testing, malware removal, security staff augmentation, and dark web monitoring.

The company’s tailored, technology-agnostic cybersecurity approach helps firms plan, build, and implement programs that address security challenges from every possible angle, and keep pace with evolving cyber threats.

Challenge: Close email security gaps that raise the risk of business email compromise, credential harvesting, and other threats

As a provider of cybersecurity services, Legato takes the trust of its customers and their security infrastructure very seriously. As Jennifer Greulich, the company’s SVP of Security Operations, notes, “A majority of the technology solutions we sell to our clients are the same ones we use and rely on to protect our business. We wouldn’t promote or endorse anything we hadn’t used or weren’t completely confident in.”

Like many of its customers, Legato uses Office 365 for email, relying on its native email security features to protect it from cyber threats. But the company quickly recognized that numerous phishing emails were bypassing Office 365’s security. This “phishing gap” resulted in incidents that required investigation and remediation. The company realized it needed specific anti-phishing technology that goes above and beyond Office 365’s native capabilities.

Legato selects Cloudflare for its proactive approach to phishing threat detection

Legato made the decision to integrate the Cloudflare email security solution in-house first. “Deployment was complete in a couple of hours,” said Greulich.

The Cloudflare technology made an immediate difference, drastically reducing phishing incidents “from 10-15 per week to one or two.” Over time, the results became even more striking. “Cloudflare has performed outstandingly for us,” said Greulich. “We have seen a significant and prolonged drop in phishing emails. Not only that, the Cloudflare service has had little to no impact on email productivity, which means there are minimal false positives.”

Legato is pleased that employees who previously had to interrupt their work to report, investigate and deal with phishing incidents are now freed up to remain focused on their jobs. And of course, Cloudflare reduced the concern, endured by all organizations, that even a “security awareness trained” employee can be manipulated into clicking on a phish or complying with a business email compromise (BEC) scheme.

Legato customers using cloud email suites see fewer phishing attacks after implementing Cloudflare Email Security

Legato’s own clients often rely on Office 365, or G Suite defenses, along with their respective native email security tools to protect their organizations from cyber threats. But typically, these clients did not have specific anti-phishing resources or tools before working with Legato.

“Since it’s our business to select and manage technology for our customers, it’s important for us to understand those unique customers’ environments and challenges,” said Greulich. “In many cases customers come with a specific issue to be addressed. So in working with what the customer has, we then see additional needs calling for the addition of an anti-phishing layer to deal with or prevent breaches. When our customers ask us for suggestions on phishing protection, we always recommend Cloudflare,” said Greulich.

In fact, for their Managed Services customers, Legato actually builds in Cloudflare’s anti-phishing service when it develops quotes for securing the customer’s email. In those situations, Legato manages administrative control of the Office 365 or G Suite environment, configuring it for maximum security and adding Cloudflare Cloud Email Security service as the phishing protection layer.

“Cloudflare Cloud Email Security deployment goes really well: We rely on a simple guide for the steps to follow when installing Office 365 and G Suite protection.”

Legato checks in regularly with their customers and shares Cloudflare reports that document the messages that were blocked. In some cases, customers with the skills and technological resources can access the Cloudflare portal directly.

“Cloudflare’s message-tracing features have been extremely helpful when it comes to tracking email that should have been delivered but wasn’t — or that was delivered but shouldn’t have been. It’s really helpful to be able to see that message trace; you can observe for yourself and see the actual email flow and detection details on the Cloudflare portal.”

Legato’s customers who had been using Office 365 native defenses and still suffer from phishing attacks also saw those attacks drop precipitously after adding Cloudflare's anti-phishing service. Their Gmail-using customers who adopt Cloudflare Cloud Email Security have also seen nearly 100 percent of their attacks shut down preemptively — before they could even enter the inbox.

Legato reaffirms clients' trust with forward-thinking, multi-layered defenses

“Every day, we do our best to reaffirm our clients’ trust with forward-thinking, multi- layered defenses,” said Greulich. “Because we aren’t tied to any one technology or provider, we can advise without bias. Our only obligation is to defend our clients in the most strategic way possible. This technology-agnostic approach sets us apart from most MSS vendors.”

Legato checks in regularly with their customers and shares Cloudflare reports that document the messages that were blocked. In some cases, customers with the skills and technological resources can access the Cloudflare portal directly.

“Cloudflare’s message-tracing features have been extremely helpful when it comes to tracking email that should have been delivered but wasn’t — or that was delivered but shouldn’t have been. It’s really helpful to be able to see that message trace; you can observe for yourself and see the actual email flow and detection details on the Cloudflare portal.”

“Since working with Cloudflare,” says Greulich, “Legato has seen a significant drop in phishing email incidents, with little to no impact on email productivity and minimal false positives. This service is just extremely effective at stopping phishing. We don’t use or recommend products we don’t believe in — so our recommendation of Cloudflare for our own customers underscores our belief in this service, based on its performance in our company.”