
12 steps to strengthen cybersecurity in SUDOP Group companies

SUDOP Group wanted to comprehensively strengthen cyber security across the companies in its group. Over five years it implemented a series of projects covering everything from technology to processes to employee training. The result is a unified security framework that protects the data, identities and infrastructure of more than twenty companies.

  • „Thanks to the reconstruction and strengthening of our cybersecurity, we now all know what and how to protect and who is responsible for what. But most importantly, we have the background and tools that give us visibility and allow us to react immediately and correctly when something happens.“
    Tomáš Slavíček, Managing Director, SUDOP Group


SUDOP Group brings together over 45 companies in the field of design, consulting and engineering services. In 2020, the group decided to unify its approach to protecting data, identities and infrastructure across its diverse technology landscape.

SUDOP entrusted ORBIT, part of the group since 2019, with creating a security standard that would reflect current threats and future legislative requirements and establish sustainable cyber security in its companies. We divided the work of achieving cyber security across all companies into 12 consecutive projects.

1. We have mapped the security situation and identified vulnerabilities


The first project focused on a comprehensive security assessment of the whole group.

We analyzed data protection, server security, workstation security, sensitive information transfer and data connection providers.

The four months of data collection, interviewing and analysis produced:

  • a summary assessment of the existing situation (AS-IS document)
  • draft target state (TO-BE document)
  • selection of suppliers and technologies
  • basis for cyber security insurance

✅ The customer thus gained a clear plan for raising its security level. At the same time, the project laid the foundation for the next steps: tool selection, proof of concept (PoC) and implementation.

2. We have implemented security policies to achieve cyber security in SUDOP companies


Although the companies in the SUDOP Group had decent technical equipment, they could not use it to its full potential. They did not have security policies and processes in place.

Based on the previous analysis, we therefore designed and developed a set of security policies for 18 key areas, from asset classification through access control, risk management and incident detection to the safe use of mobile devices and backup.

✅ Within six months, all companies of the SUDOP Group had a single framework for security management, which enabled further development and adoption in the individual companies.

3. We have unified firewall management across companies


Historically, the disparate firewall solutions in SUDOP Group companies complicated management, increased risk and prevented a central response to incidents.

After analysing the current situation, we therefore designed a target architecture based on Fortinet technologies (FortiGate firewalls, FortiManager for central management, FortiAnalyzer for log analysis and reporting).

This was followed by implementation (installation and configuration of the new firewalls, setting up VPNs and security profiles, connection to central management), training of administrators, and ongoing preventive security maintenance and support from our experts.

Standardising protective measures across the group simplified administration, improved visibility and enabled a rapid response to incidents.

4. We have revised identity and access management


Inconsistent management of identities and access permissions (e.g. lack of control over privileged accounts, password policies, identity synchronisation or user account lifecycles) posed a security risk and caused operational inefficiencies in some companies.

We therefore mapped the sources of identities in detail, updated the identity systems and ran vulnerability scans. We reviewed the allocation of permissions against the principle of least privilege, verified the membership of the Domain Admins group and set rules for BYOD devices.

In Microsoft 365 and Azure AD we checked synchronisation, MFA, Global Administrator assignments and other security features. We paid particular attention to the setup of the identity lifecycle process and permission management.

✅ The output of the project was a set of remediation recommendations that increased security, reduced risk and streamlined identity management.
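The Domain Admins check described above is only meaningful if nested groups are expanded: an account that sits in a group which is itself a member of Domain Admins is a domain admin, even though a non-recursive listing will not show it. The following Python script is an added example (not ORBIT's or SUDOP's tooling) of such a review run offline against a constructed, simplified directory export; the group names, user attributes, the 90-day staleness threshold and the `svc-` naming convention for service accounts are assumptions for the demo.

```python
"""Offline least-privilege review of a privileged AD group.

Added example, not ORBIT's or SUDOP's tooling. The GROUPS and USERS
dictionaries are a constructed, simplified directory snapshot of the kind
Get-ADGroupMember / Get-ADUser would return, embedded so this runs offline.
"""
from datetime import datetime, timedelta, timezone

# Constructed snapshot: group -> direct members (user names or other groups).
GROUPS = {
    "Domain Admins": ["alice", "svc-backup", "IT-Ops-L3"],
    "IT-Ops-L3": ["bob", "IT-Ops-L2"],
    "IT-Ops-L2": ["carol", "IT-Ops-L3"],   # deliberate cycle: must not loop forever
    "Enterprise Admins": ["alice"],
}

NOW = datetime(2025, 1, 15, tzinfo=timezone.utc)   # assumed "current" time

# Constructed user attributes (enabled flag, MFA enforced, last logon).
USERS = {
    "alice":      {"enabled": True,  "mfa": True,  "last_logon": NOW - timedelta(days=2)},
    "bob":        {"enabled": True,  "mfa": False, "last_logon": NOW - timedelta(days=5)},
    "carol":      {"enabled": False, "mfa": False, "last_logon": NOW - timedelta(days=400)},
    "svc-backup": {"enabled": True,  "mfa": False, "last_logon": NOW - timedelta(days=200)},
}


def expand_members(group, groups=GROUPS):
    """Return the set of user accounts that are *effective* members of `group`,
    following nested groups to any depth and tolerating membership cycles."""
    seen_groups, users = set(), set()
    stack = [group]
    while stack:
        g = stack.pop()
        if g in seen_groups:
            continue
        seen_groups.add(g)
        for member in groups.get(g, []):
            if member in groups:          # nested group: descend
                stack.append(member)
            else:                         # leaf: a user account
                users.add(member)
    return users


def review_privileged_group(group, stale_days=90, groups=GROUPS, users=USERS, now=NOW):
    """Return {user: [findings]} for every effective member of `group`.
    An empty findings list means the account passed every check."""
    report = {}
    for user in sorted(expand_members(group, groups)):
        info = users.get(user)
        findings = []
        if info is None:
            findings.append("unknown account")
        else:
            if not info["enabled"]:
                findings.append("disabled account still in privileged group")
            if not info["mfa"]:
                findings.append("no MFA enforced")
            if now - info["last_logon"] > timedelta(days=stale_days):
                findings.append(f"no logon in {stale_days} days")
            if user.startswith("svc-"):   # assumed naming convention for service accounts
                findings.append("service account holds interactive admin rights")
        report[user] = findings
    return report


if __name__ == "__main__":
    for user, findings in review_privileged_group("Domain Admins").items():
        print(f"{user:12s} {'OK' if not findings else '; '.join(findings)}")
```

In a real review the two dictionaries would be filled from the directory rather than typed in, and the same expansion logic applies to cloud role assignments made through nested security groups; the point of the example is that a flat `Get-ADGroupMember` listing would have shown only `alice`, `svc-backup` and a group name, hiding `bob` and the disabled `carol`.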

5. We updated security policies and prepared companies for legislative changes


Ensuring cyber security in companies is not a one-off task but a continuous process. Because of the rapid development of threats and upcoming changes in legislation (the new Cyber Security Act), it was necessary to update the policies and extend them to further companies.

Based on feedback, we therefore revised the existing policies and added new areas such as procurement policy, audit activities and control mechanisms. We created a roadmap for adopting the policies in newly connected companies and analysed the impact of the new legislation on the individual entities.

✅ The project strengthened security standards across the SUDOP Group, extended the adoption of security measures to new companies and prepared the organisation for future legislative requirements.

6. We have created a central logging platform for the entire group


The SUDOP Group lacked a uniform system for collecting, storing and analysing security events. Data was fragmented, and incident response was slow and ineffective.

After analysing the situation and proposing a solution design, we implemented a SIEM solution based on the Elastic Stack (Platinum subscription) for each company. We set up log collection rules, alerting, operator training and regular reporting. We made use of advanced features such as anomaly detection and vulnerability scanning, including AI-based tools for filtering and active monitoring.

Finally, we concluded service contracts with the companies covering operational support, alert management, evaluation of security logs and incident handling. We set up regular reporting, functionality monitoring and the option to extend support when new companies or technologies are added.

✅ The modern SIEM platform now gives the SUDOP Group efficient collection, evaluation and correlation of security data and effective incident management. Regular service support ensures the stability, security and long-term operability of the platform.
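Central log collection only pays off once it is paired with detection rules. As an added illustration (not an ORBIT rule and not Elastic query syntax), the Python below runs two rules that a SIEM in front of a FortiGate VPN estate would typically carry, over a handful of constructed FortiGate-style key=value log lines: a burst of failed VPN logins from one source address, and a successful login from a source already flagged for such a burst, which is what a password spray looks like when it lands. The field names, threshold and time window are assumptions for the demo; in the real deployment the same logic would be expressed as detection rules over the indexed firewall logs.

```python
"""Brute-force / password-spray detection over VPN authentication events.

Added example, not part of ORBIT's SIEM rule set. LOG_LINES are constructed
FortiGate-style key=value events with simplified field names; check the
device's own log reference before reusing them against real data.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample: a spray from 203.0.113.7 (six users in under a minute,
# then one success), plus one ordinary failed-then-successful login.
LOG_LINES = """\
date=2025-01-15 time=08:00:01 type="event" subtype="vpn" action="ssl-login-fail" remip=203.0.113.7 user="alice"
date=2025-01-15 time=08:00:09 type="event" subtype="vpn" action="ssl-login-fail" remip=203.0.113.7 user="bob"
date=2025-01-15 time=08:00:15 type="event" subtype="vpn" action="ssl-login-fail" remip=198.51.100.5 user="alice"
date=2025-01-15 time=08:00:17 type="event" subtype="vpn" action="ssl-login-fail" remip=203.0.113.7 user="carol"
date=2025-01-15 time=08:00:26 type="event" subtype="vpn" action="ssl-login-fail" remip=203.0.113.7 user="dave"
date=2025-01-15 time=08:00:34 type="event" subtype="vpn" action="ssl-login-fail" remip=203.0.113.7 user="eve"
date=2025-01-15 time=08:00:40 type="event" subtype="vpn" action="ssl-login" remip=198.51.100.5 user="alice"
date=2025-01-15 time=08:00:52 type="event" subtype="vpn" action="ssl-login-fail" remip=203.0.113.7 user="frank"
date=2025-01-15 time=08:03:10 type="event" subtype="vpn" action="ssl-login" remip=203.0.113.7 user="bob"
"""

# key=value pairs; values are either "quoted strings" or bare tokens.
KV_RE = re.compile(r'(\w+)=("([^"]*)"|\S+)')


def parse_line(line):
    """Parse one key=value log line into a dict and add a datetime under 'ts'."""
    fields = {}
    for key, raw, quoted in KV_RE.findall(line):
        fields[key] = quoted if raw.startswith('"') else raw
    fields["ts"] = datetime.strptime(f'{fields["date"]} {fields["time"]}', "%Y-%m-%d %H:%M:%S")
    return fields


def detect(lines, threshold=5, window=timedelta(minutes=10)):
    """Return a list of (timestamp, rule, source_ip, detail) alerts.

    Rule 1: >= threshold failed logins from one source inside `window`
            (sliding window; fires once per source).
    Rule 2: a successful login from a source already flagged by rule 1.
    """
    alerts = []
    failures = defaultdict(deque)   # remip -> timestamps of recent failures
    flagged = set()
    for line in lines:
        if not line.strip():
            continue
        ev = parse_line(line)
        ip, ts = ev["remip"], ev["ts"]
        recent = failures[ip]
        if ev["action"] == "ssl-login-fail":
            recent.append(ts)
            while recent and ts - recent[0] > window:   # drop failures outside the window
                recent.popleft()
            if len(recent) >= threshold and ip not in flagged:
                flagged.add(ip)
                alerts.append((ts, "vpn_bruteforce", ip, f"{len(recent)} failures within {window}"))
        elif ev["action"] == "ssl-login" and ip in flagged:
            alerts.append((ts, "vpn_success_after_bruteforce", ip, f'user={ev["user"]}'))
    return alerts


if __name__ == "__main__":
    for ts, rule, ip, detail in detect(LOG_LINES.splitlines()):
        print(f"{ts} {rule:28s} {ip:15s} {detail}")
```

The second rule is the one worth the analyst's time: a burst of failures on its own is often noise, but a success from the same source shortly afterwards means an account is compromised and the session should be cut and the password reset.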

  • „In unifying security for more than 20 technologically diverse companies, we wanted to create a solution that is centrally managed and efficient, yet flexible enough to meet the needs of each individual company. Today, the group has both.“
    Dominik Divák, Security Lead, ORBIT

7. We modernized the network infrastructure at SUDOP headquarters


The original network environment at SUDOP Group headquarters was complex and inconsistent. The outdated firewall systems (Sophos and Linux-based) did not allow effective management, sufficient protection or modern VPN connectivity.

We therefore replaced them with FortiGate technology. We prepared and carried out the VPN migration to Microsoft Azure, cleaned up the network environment and set up ACL rules. The project also included documentation of the target state and the design of security measures.

The resulting network security simplified administration, reduced risk and increased the availability of services.

8. We implemented an LMS platform for safety training


Within the SUDOP Group there was no uniform system for training staff in cyber security. The technical infrastructure, the training content and the ability to monitor the progress and results of training were all missing.

We chose the Moodle LMS platform, for which we secured access, encrypted communication, backup and monitoring. We defined roles and permissions for administrators, lecturers and students, implemented a multi-tenant environment, set rules for training and added reporting with automatic notifications.

✅ Within two months the SUDOP Group had a secure and flexible solution that provides training for ICT administrators and regular employees and gives company management an overview of training status.

9. We have introduced protection against loss of sensitive data (DLP)


In some SUDOP Group companies the protection of sensitive data was not sufficiently addressed. Information was not classified, its movement was not controlled and there were no rules for accessing it.

We therefore implemented Microsoft Purview Information Protection, which classifies data by sensitivity, tracks its movement and controls access. We created policies for the different types of information, trained employees and set rules for working with data in everyday applications.

✅ Selected SUDOP Group companies have gained systematic control over the handling of sensitive information. Data protection has become part of everyday operations without restricting users.

10. We've secured endpoint devices, users and data


Endpoint devices are a frequent entry point for cyber attacks, and in some SUDOP Group companies they were not adequately protected. They lacked uniform management, access rules and identity protection tools. The risk of account or device misuse was high, especially when working remotely.

After analysing the situation and proposing a target state, we therefore piloted security features: Conditional Access policies, patch management, Intune, self-service password reset (SSPR) and mobile device management (MDM). We introduced identity protection through Azure AD Premium and discussed further options such as Defender for Endpoint and Autopilot.

✅ The companies involved gained advanced tools for managing and protecting endpoint devices. Rules were unified, access security increased and operational risk reduced.

11. We expanded the central backup system


The existing backup system did not cover the new SUDOP Group companies, which lacked uniform backup plans, control over data retention, defined RTO/RPO targets and backup monitoring.

We therefore connected them to the central Synology-based system. We designed backup plans and set up VPN connections, agents, monitoring and alerting. On request we also provided recovery tests, cloud replication and further additional services.

✅ All SUDOP Group companies now use a unified backup system with high availability and monitoring that is prepared for crisis scenarios.

12. We tested backups and created disaster recovery plans


A number of SUDOP Group companies had never verified that their backups were usable in a crisis. There were no clearly defined procedures for restoring systems and data, which posed a risk in the event of an outage or cyber attack.

We therefore carried out recovery tests, designed the infrastructure for crisis scenarios and created disaster recovery plans (DRPs). We provided the companies with templates and methodological support and helped them with hands-on testing of data recovery from different environments, including the cloud.

✅ SUDOP Group companies have thus acquired proven procedures for recovering their systems. The DR plans increase their disaster preparedness, reduce downtime and limit the impact on operations.
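Two checks underlie steps 11 and 12: whether each system's backups actually meet its RPO and retention targets (the monitoring side), and whether a restored copy is byte-for-byte what was backed up (the recovery-test side). The following Python is an added example, not SUDOP's or ORBIT's monitoring: the job history, the per-system targets and the file contents are constructed for the demo, and the SHA-256 manifest stands in for whatever integrity data the backup software records at backup time.

```python
"""Backup-plan compliance check and restore verification.

Added example, not SUDOP's or ORBIT's monitoring. PLANS, JOBS and the
SOURCE/RESTORED file sets are constructed for the demo.
"""
import hashlib
from datetime import datetime, timedelta, timezone

NOW = datetime(2025, 1, 15, 6, 0, tzinfo=timezone.utc)   # assumed "current" time

# Hypothetical per-system targets: maximum tolerated data loss (RPO) and
# how far back a restorable copy must exist (retention).
PLANS = {
    "fileserver-01": {"rpo": timedelta(hours=24), "retention": timedelta(days=30)},
    "erp-db":        {"rpo": timedelta(hours=4),  "retention": timedelta(days=90)},
    "cad-archive":   {"rpo": timedelta(days=7),   "retention": timedelta(days=365)},
}

# Constructed job history: (system, finished_at, status)
JOBS = [
    ("fileserver-01", NOW - timedelta(hours=5),  "success"),
    ("fileserver-01", NOW - timedelta(days=31),  "success"),
    ("erp-db",        NOW - timedelta(hours=1),  "failed"),    # last run failed ...
    ("erp-db",        NOW - timedelta(hours=7),  "success"),   # ... so the last good copy is 7 h old
    ("erp-db",        NOW - timedelta(days=95),  "success"),
    ("cad-archive",   NOW - timedelta(days=3),   "success"),
    ("cad-archive",   NOW - timedelta(days=100), "success"),   # newly onboarded system
]


def check_plans(plans=PLANS, jobs=JOBS, now=NOW):
    """Return {system: [findings]}. Only *successful* jobs count toward the RPO;
    a recent failed job is reported separately so it is not silently masked."""
    report = {}
    for system, plan in plans.items():
        good = sorted((t for s, t, st in jobs if s == system and st == "success"), reverse=True)
        findings = []
        if not good:
            findings.append("no successful backup on record")
        else:
            age = now - good[0]
            if age > plan["rpo"]:
                findings.append(f"RPO breached: last good backup is {age} old, target {plan['rpo']}")
            oldest = now - good[-1]
            if oldest < plan["retention"]:
                findings.append(f"retention window not yet covered: oldest copy {oldest} old, target {plan['retention']}")
        failed = [t for s, t, st in jobs if s == system and st == "failed" and now - t < timedelta(days=1)]
        if failed:
            findings.append(f"{len(failed)} failed job(s) in the last 24h")
        report[system] = findings
    return report


def manifest(files):
    """{path: sha256} for a dict of path -> bytes, as recorded at backup time."""
    return {path: hashlib.sha256(data).hexdigest() for path, data in files.items()}


def verify_restore(expected, restored):
    """Compare a restored file set against the manifest. Returns (ok, problems)."""
    problems = []
    for path, digest in expected.items():
        if path not in restored:
            problems.append(f"missing: {path}")
        elif hashlib.sha256(restored[path]).hexdigest() != digest:
            problems.append(f"corrupt: {path}")
    problems += [f"unexpected: {path}" for path in restored if path not in expected]
    return (not problems), problems


# Constructed restore test: one file silently truncated, one missing.
SOURCE = {
    "projects/bridge.dwg": b"DWG" * 1000,
    "projects/notes.txt": b"design notes v3",
    "config.ini": b"[db]\nhost=erp-db\n",
}
RESTORED = {
    "projects/bridge.dwg": b"DWG" * 999,
    "config.ini": b"[db]\nhost=erp-db\n",
}


if __name__ == "__main__":
    for system, findings in check_plans().items():
        print(f"{system:14s} {'OK' if not findings else '; '.join(findings)}")
    ok, problems = verify_restore(manifest(SOURCE), RESTORED)
    print("restore test:", "PASS" if ok else "FAIL", problems)
```

Both halves catch the failure modes that "the backup job ran" does not: a green job that is nevertheless too old for the RPO, and a restore that completes without error but returns a truncated file.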

  • „Although we knew what we wanted to achieve, the people from ORBIT helped us to refine our idea and bring it to a successful conclusion. They were patient, matter-of-fact and always ready to find a solution that would work for the individual companies and the group as a whole.“
    Jiří Živnůstka, Technical Director, SUDOP Group

New standard of cybersecurity in SUDOP Group companies

Five years of work have given the SUDOP Group not only a higher level of technical security but, above all, a unified and sustainable approach to cyber security in companies across the group.

The results achieved are concrete, measurable and transferable to other similar organisations:

Technology unification - from firewalls to backups to identity and endpoint management
Establishment of security policies - in all companies, including updates and adoption
Improving the overview of risks - thanks to central logging and regular reporting
Ensuring compliance with legislation - including preparedness for future changes
Improving incident preparedness - through DR plans, recovery tests and staff training
Streamlining IT security management - thanks to centralisation, standardisation and service support

This journey has not been about one-off measures but about building a security culture that is now the backbone of the SUDOP Group's daily operations.

ARE YOU CONSIDERING A SIMILAR SECURITY TRANSFORMATION IN YOUR ORGANIZATION?

Schedule a consultation with our experts - we'll help you find your way to more secure IT.
