Concerned about their MSP’s security gaps and the growing threat of cyberattacks, an insurance brokerage decided to take control of their IT security. They partnered with Aldridge for Secure IT Outsourcing, leveraging our advanced security technology stack and 24/7 security team. Their decision was quickly tested when a malware attack hit soon after switching to Aldridge. Our team detected and contained the threat immediately, preventing damage or disruption and validating their choice to prioritize security.
Client Profile
Industry: Insurance
Number of Employees: 200+
Location(s): Texas & California
The Insurance Brokerage’s IT Challenges
The brokerage’s CFO (and IT stakeholder) lacked confidence in their current IT provider’s ability to protect the business. There was no proactive communication around security, and while they knew threats were constantly evolving, their existing IT Managed Services Provider (MSP) never addressed them. Security always seemed to be an afterthought. The CFO grew increasingly anxious, fearing that an attack could result in the loss of critical data with no reliable recovery plan in place, putting the business at serious risk. Although they had backups, those backups had never been tested, and the CFO wasn’t confident that their IT team could properly recover the data if they were attacked.
The CFO sought cybersecurity information, leading her to attend a ‘Cyber Threat Update’ event hosted by Aldridge and the FBI. Impressed by Aldridge’s insights and commitment to security education, she quickly realized their current IT provider was falling behind. Their IT lacked basic protections—no endpoint detection to stop malicious activity, no security training to prepare employees for phishing attacks, no vulnerability management to close security gaps, and no 24/7 monitoring to catch threats in real time. The risks were escalating, and a single breach could severely impact their business. Confident in Aldridge’s expertise, she saw an opportunity to strengthen their security and protect her organization before it was too late.
Aldridge’s Solution
To address these risks, Aldridge implemented Secure IT Outsourcing, a comprehensive IT and security solution designed for organizations that understand the importance of proactive defense. Key components included:
- Security Assessment & Risk Management: We assessed their security and uncovered critical vulnerabilities that left their IT environment exposed and incapable of recovery in the event of a compromise. After meeting with key stakeholders to present our findings, we developed a comprehensive plan to strengthen their defenses, enabling them to detect, respond to, and recover from potential attacks with minimal disruption.
- Threat Detection & Response: Managed Detection & Response (MDR) was deployed on all company-owned devices, along with Security Information & Event Management (SIEM) to centralize and store security data for continuous monitoring and investigation.
- 24/7 Security Operations Center (SOC): Security specialists monitored the brokerage’s IT environment around the clock, ready to respond to threats at a moment’s notice.
- Security Awareness Training & Testing: The entire team participated in ongoing training to identify cyber threats, ensuring vigilance at every level of the organization.
- Managed Backup & Recovery: We migrated the brokerage to our proven backup solution, ensuring their critical data remained protected and easily restorable in a crisis. We continuously monitor and maintain backups to ensure they remain reliable and ready for quick recovery.
The Malware Attack
Shortly after upgrading their security, the brokerage’s defenses were put to the test. A remote user assembling a commercial insurance quote unknowingly downloaded a malware-infected PDF from the internet. When the user attempted to open the PDF, the malware activated and tried to make unauthorized changes to the computer to gain deeper access and establish footholds inside the brokerage’s IT environment.
Because the user’s device was protected by Managed Detection & Response (MDR), the system instantly detected the suspicious activity and stopped the malware from executing. An alert was sent to Aldridge’s Security Operations Center (SOC), where our team quickly confirmed the threat and isolated the infected workstation. By analyzing SIEM logs, we traced the attack’s origin and assessed whether other systems were impacted. Fortunately, MDR had blocked the malware before it could spread, preventing the attacker from gaining deeper access. The investigation confirmed that only one device was affected, and the rest of the network remained secure.
Aldridge Response Timeline
- MDR detected malware, blocked it, and alerted our SOC team.
- Within 10 minutes: The SOC team correlated the security events and began investigating the threat.
- Within 30 minutes: The incident was escalated to Aldridge’s security team with a complete security summary.
- Within 50 minutes: The affected workstation was isolated from the network to prevent further spread.
- Within 2 hours: After speaking with the user and reviewing the full story, Aldridge confirmed it was an isolated incident. The workstation was restored, and the user returned to work with no disruption.
Thanks to their preparation and commitment to best practices, the insurance brokerage turned a potentially devastating malware attack into a non-event. There was no data loss, no downtime, and no lasting impact on their business.
Where The Brokerage Is Today
Today, the brokerage remains a valued Aldridge client. The malware incident served as a powerful reminder of the value of proactive security and of their partnership with Aldridge. As the brokerage’s business has grown and evolved, Aldridge has continuously adapted its services to meet their changing needs. Our scalable approach to IT ensures the brokerage remains secure while empowering them to achieve their strategic goals.
Cyber threats are constantly evolving. As the insurance brokerage’s experience shows, proactive defense and preparation are key. Learn how Aldridge’s Secure IT Outsourcing or Co-Managed IT services can help you stay ahead of emerging risks and keep your business secure and thriving.